Secure interoperation in a multidomain environment employing RBAC policies

IEEE Transactions on Knowledge and Data Engineering

Volumn 17, Issue 11, 2005, Pages 1557-1577

  Shafiq, Basit ^a,b,e   Joshi, James B D ^a,c,f   Bertino, Elisa ^{a,b,d,f,g,h,i,j}   Ghafoor, Arif ^a,b,k,l  

^a IEEE

^b PURDUE UNIVERSITY   (United States)

^c UNIVERSITY OF PITTSBURGH   (United States)

^d Purdue University   (United States)

^e Purdue University   (United States)

^f ACM

^g ACM ^*  (United States)

^h UNIVERSITY OF MILAN   (Italy)

ⁱ DB and SEC Laboratory   (United States)

^j Very Large Database Systems (VLDB)   (United States)

^k Distributed Multimedia Systems Laboratory   (United States)

^l Information Infrastructure Security Research Laboratory   (United States)

more..

Author keywords

Multidomain; Policy integration; Role Based Access Control (RBAC); Secure interoperation

Indexed keywords

MULTIDOMAIN; POLICY INTEGRATION; ROLE-BASED ACCESS CONTROL; SECURE INTEROPERATION;

DISTRIBUTED COMPUTER SYSTEMS; INTEGER PROGRAMMING; INTERNET; MULTIMEDIA SYSTEMS; OPTIMAL CONTROL SYSTEMS; PROBLEM SOLVING; SECURITY SYSTEMS;

VIRTUAL REALITY;

EID: 28244460211     PISSN: 10414347     EISSN: None     Source Type: Journal    
DOI: 10.1109/TKDE.2005.185     Document Type: Article

References (26)

1. D. Bell and L. Lapadula, "Secure Computer Systems: Mathematical Foundations," Technical Report MTR-2547, vol. 1, MITRE Corp., Mar. 1973.
2. P.A. Bonatti, M.L. Sapino, and VS. Subrahmanian, "Merging Heterogeneous Security Orderings," Proc. European Symp. Research in Computer Security (ESORICS), pp. 183-197, 1996.
3. P. Bonatti, S.D.C. Vimercati, and P. Samarati, "An Algebra for Composing Access Control Policies," ACM Trans. Information and System Security, vol. 5, no. 1, Feb. 2002.
4. E. Cohen, R.K. Thomas, W. Winsborough, and D. Shands, "Models for Coalition-Based Access Control," Proc. Seventh ACM Symp. Access Control Models and Technologies, June 2002.
5. S. Dawson, S. Qian, and P. Samarati, "Providing Security and Interoperation of Heterogeneous Systems," Distributed and Parallel Databases, vol. 8, pp. 119-145, Aug. 2000.
6. X. Qian and T.F. Lunt, "A MAC Policy Framework for Multilevel Relational Databases," IEEE Trans. Knowledge and Data Eng., vol. 8, no. 1, pp. 3-15, Feb. 1996.
7. S.I. Gavrila and J.F. Barkley, "Formal Specification for Role Based Access Control User/Role and Role/Role Relationship Management," Proc. Third ACM Workshop Role-Based Access Control, Oct. 1998.
8. E. Bertino, E. Ferrari, and V. Atluri, "The Specification and Enforcement of Authorization Constraints in Workflow Management Systems," ACM. Trans. Information and System Security, vol. 2, no. 1, pp. 65-104, 1999.
9. E. Bertino, F. Buccafurri, E. Ferrari, and P. Rullo, "A Logical Framework for Reasoning on Data Access Control Policies," Proc. 12th IEEE Computer Security foundations Workshop, pp. 175-189, 1999.
10. L. Gong and X. Qian, "Computational Issues in Secure Inter-operation," IEEE Trans. Software Eng., vol. 22, no. 1, Jan. 1996.
11. G. Yan, W.K. Ng, and E. Lim, "Product Schema Integration for Electronic Commerce-A Synonym Comparison Approach," IEEE Trans. Knowledge and Data Eng., vol. 14, no. 3, pp. 583-598, May/ June 2002.
12. G.J. Ahn, M. Rang, J. Park, and R. Sandhu, "Injecting RBAC to Secure a Web-Based Workflow System," Proc ACM Workshop Role-Based Access Control (RBAC), 2000.
13. J.B.D. Joshi, A. Ghafoor, W. Aref, and E.H. Spafford, "Digital Government Security Infrastructure Design Challenges," Computer, vol. 34, no. 2, pp. 66-72, Feb. 2001.
14. J.B.D. Joshi, E. Bertino, and A. Ghafoor, "Temporal Hierarchies and Inheritance Semantics for GTRBAC," Proc. Seventh ACM Symp. Access Control Models and Technologies, pp. 74-83, June 2002.
15. J.B.D. Joshi, E. Bertino, U. Latif, and A. Ghafoor, "Generalized Temporal Role Based Access Control Model," IEEE Trans. Knowledge and Data Eng., vol. 17, no. 1, pp. 4-23, Jan. 2005.
16. M. Koch, L.V. Mancini, and F.P. Presicce, "A Graph-Based Formalism for RBAC," ACM Trans. Information and System Security, vol. 5, no. 3, pp. 332-365, Aug. 2002.
17. E. Lupu and M. Sloman, "Conflicts in Policy-Based Distributed Systems Management," IEEE Trans. Software Eng., vol 25, no. 6, pp. 852-869, Nov. 1999.
18. W.S. Li and C. Clifton, "Semantic Integration in Heterogeneous Databases Using Neural Networks," Proc. Very Large Data Bases Conf., 1994.
19. S.L. Osborn, R. Sandhu, and Q. Munawer, "Configuring Role-Based Access Control to Enforce Mandatory and Discretionary Access Control Policies," ACM Trans. Information and System Security, vol. 3, no. 2, pp. 85-106, Feb. 2000.
20. R. Pottinger and P.A. Bernstein, "Merging Models Based on Given Correspondences," Proc. Very Large Data Bases Conf., pp. 826-873, 2003.
21. R. Power, 'Tangled Web': Tales of Digital Crime from the Shadows of Cyberspace. Que/Macmillan Publishing, Aug. 2000.
22. R. Sandhu, E.J. Coyne, H.L. Feinstein, and C.E. Youman, "Role Based Access Control Models," Computer, vol. 29, no. 2, Feb. 1996.
23. R. Sandhu, "Role Activation Hierarchies," Proc. Third ACM Workshop Role-Based Access Control, Oct. 1998.
24. V. Vet and N. Mars, "Bottom-Up Construction of Ontologies," IEEE Trans. Knowledge and Data Eng., vol. 10, no. 4, pp. 513-526, July/Aug. 1998.
25. L.A. Wolsey, Integer Programming. New York: John Wiley, 1998.
26. C. Batini, M. Lenzrini, and S.B. Navathe, "A Comparative Analysis of Methodologies for Database Schema Integration," ACM Computing Surveys, vol. 18, no. 4, pp. 323-364, 1986.