separation of duty in trust-based collaboration

	separation of duty in trust-based collaboration
	Deng Lingli ; He Yeping ; Xu Ziyao
	2009
会议名称	4th International Conference on Information Security and Cryptology (Inscript 2008)
会议日期	DEC 14-17,
会议地点	Beijing, PEOPLES R CHINA
关键词	Secure Collaboration
页码	370-388
英文摘要	When domains employing heterogeneous RBAC policies collaborate by crossdomain role-role mappings, their local Separation of Duty constraints face the risk of breaching. We present the requirements for constraint-secure interoperation, to prohibit implicit authorizations that break constraints from other member domains, and propose a trust-based framework to ensure constraint-secure interoperation. The framework introduces cross-domain migration and remote assurance of constraints between mutually trusted domains to maximize interoperability, while ensuring separation of constraints between distrusted domains to minimize security risk. Specifically, we use a bitmap-based history-recording mechanism for member domains to analyze the interplay among innerdomain role hierarchies, crossdomain mappings and constraints. Algorithms of a fully distributed implementation, security proofs and illustrative usage cases for the proposed solution are provided.
收录类别	其他
会议主办者	Chinese Assoc Cryptol Res, State Key Lab Informat Secur, Inst Software, Grad Univ Chinese Acad Sci, Natl Nat Sci Fdn China
会议录	Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
会议录出版者	INFORMATION SECURITY AND CRYPTOLOGY
会议录出版地	HEIDELBERGER PLATZ 3, D-14197 BERLIN, GERMANY
语种	英语
ISSN号	0302-9743
ISBN号	978-3-642-01439-0
内容类型	会议论文
源URL	[http://124.16.136.157/handle/311060/8366]
专题	软件研究所_基础软件国家工程研究中心_会议论文
推荐引用方式 GB/T 7714	Deng Lingli,He Yeping,Xu Ziyao. separation of duty in trust-based collaboration[C]. 见:4th International Conference on Information Security and Cryptology (Inscript 2008). Beijing, PEOPLES R CHINA. DEC 14-17,.