Approaches to access control policy comparison and the inter-domain role mapping problem

Xiang, Hong; Hu, Haibo; Wang, Sheng; Sang, Jun; Ye, Chunxiao

doi:10.5755/j01.itc.45.3.13187

Cited by 2 publications

(3 citation statements)

References 17 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Authors in [12] address the heterogeneity problem of access control models across collaborating organizations. They proposed an equivalent based access collaboration model EABC to protect shared resources.…”

Section: Case 3: Approaches Tackling the Interoperability Between Hetmentioning

confidence: 99%

“…Other works have assumed that collaborating organizations are adopting the same access control model and proposed centralized solutions like [8,9] or distributed solutions like [10,11] to control access cross-organizations. Few works have tackled the heterogeneity of access control models problem [12][13][14], and none of them according to our knowledge has given a complete solution for automatic policy mapping between heterogeneous systems that covers both syntactic and semantic transformation.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Towards a Secure and Borderless Collaboration between Organizations: An Automated Enforcement Mechanism

Haguouche

Jarir

2018

Security and Communication Networks

View full text Add to dashboard Cite

During the last decade, organizations have been more and more aware of the benefits of engaging in collaborative activities. To attain a required collaborative objective, they are obligated to share sensitive resources such as data, services, and knowledge. However, sharing sensitive and private resources and exposing them for an external usage may prevent the organizations involved from collaborating. Therefore, this usage requires more preoccupation with security issues. Access control is one of these required security concerns. Several access control models are defined in the literature and this multitude of models creates heterogeneity of access control policies between the collaborating organizations. In this paper, we propose Access Control in Cross-Organizational coLLABoration ACCOLLAB, a solution for automatic mapping between heterogeneous access control policies in cross-organizational collaboration. To carry out this mapping, we suggest a mechanism founded mainly on XACML profiles and on a generic language derivative of XACML we define as Generic-XACML. We also formally prove that the mapping does not affect decision evaluation of policies. Thereby the proposed contribution ACCOLLAB allows each collaborating organization to communicate their access control policies and adopt other's policies without affecting their existing access control systems.

show abstract

Section: Case 3: Approaches Tackling the Interoperability Between Hetmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Towards a Secure and Borderless Collaboration between Organizations: An Automated Enforcement Mechanism

Haguouche

Jarir

2018

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…In addition, access control systems (ACS) are mostly used as a measure to restrict the access to sensitive data, specific areas, personal account information as well as to protect valuables. At the same time, the access control policies play an important role in distributed systems, such as the case of organizational collaboration, in order to prevent the organization's shared resources (machines and servers) from any unauthorized use or access [49]. The presence of ACS in our daily life brings forth many software security related challenges to protect both individual privacy and enterprise property through commerce and industry.…”

Section: Introductionmentioning

confidence: 99%

Towards the Formal Development of Software Based Systems: Access Control System as a Case Study

Boucherit

Castro

Khababa

et al. 2018

ITC

View full text Add to dashboard Cite

Our daily life is increasingly becoming more and more dependent on software as they are being extensively used to control safety and mission-critical systems. This has lead to very stringent verification requirements for ensuring that the software performs as intended. However, the testing based techniques cannot provide a rigorous verification due to limited computational and memory constraints and traditional formal verification techniques, like model checking and theorem proving, are not too straightforward to work with in the industrial setting. In this paper, as a first step to overcome these limitations, we describe a hybrid property based testing and model checking based technique for verifying both models and implementation of access control systems. Our approach addresses the model checking of critical properties of access control systems and aims at improving their reliability by using property based testing to analyze the corresponding software code. For illustration purposes, a simple example of an access control system is used.

show abstract

Approaches to access control policy comparison and the inter-domain role mapping problem

Cited by 2 publications

References 17 publications

Towards a Secure and Borderless Collaboration between Organizations: An Automated Enforcement Mechanism

Towards a Secure and Borderless Collaboration between Organizations: An Automated Enforcement Mechanism

Towards the Formal Development of Software Based Systems: Access Control System as a Case Study

Contact Info

Product

Resources

About