An integrated framework for trust-based access control for open systems

2006 International Conference on Collaborative Computing: Networking, Applications and Worksharing, CollaborateCom

Volumn , Issue , 2006, Pages

  Chuang, Michael ^a   Phoomvuthisarn, Suronapee ^a   Joshi, James B D ^a  

^a UNIVERSITY OF PITTSBURGH   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

ACCESS CONTROL POLICIES; APPLICATION DOMAINS; INTEGRATED FRAMEWORKS; INTER-DOMAIN; INTERNATIONAL CONFERENCES; MAPPING MECHANISMS; MOBILE ENVIRONMENTS; MULTIMEDIA TECHNOLOGIES; NEGOTIATION PROCESSES; OPEN ENVIRONMENTS; PEER-TO-PEER; PROTECTION REQUIREMENTS; ROLE-BASED ACCESS CONTROL; SECURE INTEROPERATION; TRUST-BASED ACCESS CONTROL; WORK-SHARING;

CHLORINE COMPOUNDS; CONFORMAL MAPPING; CONTROL SYSTEMS; DISTRIBUTED COMPUTER SYSTEMS; GAME THEORY; MECHANISMS; OPEN SYSTEMS; SECURITY SYSTEMS;

ACCESS CONTROL;

ACCESS CONTROL POLICIES; APPLICATION DOMAINS; INTEGRATED FRAMEWORKS; INTER-DOMAIN; INTERNATIONAL CONFERENCES; MAPPING MECHANISMS; MOBILE ENVIRONMENTS; MULTIMEDIA TECHNOLOGIES; NEGOTIATION PROCESSES; OPEN ENVIRONMENTS; PEER-TO-PEER; PROTECTION REQUIREMENTS; ROLE-BASED ACCESS CONTROL; SECURE INTEROPERATION; TRUST-BASED ACCESS CONTROL; WORK-SHARING;

EID: 50249180177     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/COLCOM.2006.361881     Document Type: Conference Paper

References (39)

1. Atluri, V. and Warner, J., "Supporting Conditional Delegation in Secure Workflow Management Systems," ACM Symposium on Access Control Models and Technologies (SACMAT), 2005.
2. Azzedin, F. and Maheswaran, M., "Towards Trust-Aware Resource Mangement," 2nd IEEE/ACM International Symposium on Cluster Computing and the Grid (CCGrid'02), (2002).
3. Basu, S., Adhikari, S., Kumar, R., Yan, Y., Hochmuth, R. and Blaho, B.E., "mmgrid: Distributed Resource Management Infrastructure for Multimedia Applications," 17 th International Parallel and Distributed Processing Symposium, 2003.
4. Bhatti, R., Bertino, E., Ghafoor, A., and Joshi, J. B. D., "XML-Based Specification for Web Services Document Security," IEEE Computer, Vol. 37, 2004, pp. 41-49.
5. Biskup, J., Flegel, U., Karabulut, Y., "Secure Mediation: Requirements and Design," Proceedings of 12th Annual IFIP WG 11.3 on Database Security, 1998.
6. Bonatti, P.A., Sapino, M. L., Subrahmanian, V.S., "Merging Heterogeneous Security Orderings," Esorics, 1996, pp. 183-197.
7. Calvanese, D., Giacomo, G.D. and Lenserini, M., "A Framework for Ontology Integration," Proceedings of the International Semantic Web Working Symposium (SWWS), CA, USA, 2001.
8. Camp, L.J., "DRM: doesn't really mean digital copyright management," in Proceedings of the 9th ACM conference on Computer and communications security, ACM Press, Washington, DC, USA, 2002, pp. 78-87.
9. Chandran, S.M., Joshi, J.B.D., "Towards Administration of a Hybrid Role Hierarchy," IEEE International Conference on Information Reuse and Integration, Las Vegas, 2005.
10. th International Conference on Web Information Systems Engineering, NY, USA, 2005.
11. Chandran, S.M, Panyim, Korporn, Joshi, J. B. D., "A Requirements-Driven Trust Framework for Secure Interoperation in Open Environments," the Fourth International Conference on Trust Management, (iTrust-06), Italy, 2006.
12. Cormen, T.H., Leiserson, C.E., Rivest, R.L., Stein, C.,"Introduction to Algorithms," MIT press, 1991.
13. Damiani, E., di Vimercati, S. de C., Paraboschi, S., Samarati, P., Violante, F., "A Reputation-Based Approach for Choosing Reliable Resources in Peer-to-Peer Networks," ACM CCS'02, Washington, DC, USA, 2002.
14. Dawson, S., Qian, S., Samarati, P., "Providing Security and Interoperation of Heterogeneous Systems," International Journal of Distributed and Parallel Databases, 2000.
15. Detsch, A., Gaspary, L.P., Barcellos, M.P. and Cavalheiro, G.G.H., "Towards a flexible security framework for peer-to-peer based grid computing," Proceedings of the 2nd workshop on Middleware for grid computing, ACM Press, Ontario, Canada, 2004, pp. 52-56.
16. Donovan, John O., Smyth, Barry, "Trust in Recommender Systems," Proceedings of the 10th international conference on Intelligent user interfaces, ACM Press, CA, USA, 2005, pp. 167-174.
17. th ACM Symposium on Access Control Models and Technologies, CA, USA, 2006.
18. Ferraiolo, D.F, Kuhn, D.R., "Role Based Access Control," 15th National Computer Security Conference, 1992.
19. Ferraiolo, D. F., Gilbert, D. M., Lynch, N., "An Examination of Federal and Commercial Access Control Policy Needs," NIST-NCSC, 1993, pp. 107-116.
20. Gong, L., Qian, X., "Computational Issues in Secure Interoperation," IEEE Transaction on Software and Engineering, Vol. 22, No. 1, 1996.
21. Johnson, D.S., "Approximation algorithms for combinatorial problems," Journal of Computer System Science, 1974, pp.256-278.
22. Joshi, J.B.D., Aref, W.G., Ghafoor, A., Spafford, E.H., "Security Models for Web-based Applications," Communications of the ACM, 2001, pp. 38-72.
23. Joshi, J.B.D., Ghafoor, A., Aref, W. G., and Spafford, E. H., "Digital Government Security Infrastructure Design Challenges," IEEE Computer, vol. 34, 2001, pp. 66-72.
24. th ACM Symposium on Access Control Models and Technologies, USA, 2002, pp. 74-83.
25. Joshi, J.B.D., Bhatti, R., Bertino, E., Ghafoor, A., "An Access Control Language for Multidomain Environments," IEEE Internet Computing, 2004.
26. Joshi, J.B.D., Bertino, E., Latif, U., Ghafoor, A., "A Generalized Temporal Role Based Access Control Model," IEEE Transactions on Knowledge and Data Engineering, Vol 17, No. 1, 2005, pp. 4-23.
27. Joshi, J.B.D., Bertino, E., Ghafoor, A., "An Analysis of Expressiveness and Design Issues for the Generalized Temporal Role-Based Access Control Model," IEEE Transactions on Dependable and Secure Computing, Vol. 2, No. 2, 2005.
28. Joshi, J. B. D., Bertino, E., Ghafoor, A., "Formal Foundation for Hybrid Hierarchies in GTRBAC," ACM Transactions on Information and System Security, 2006 (accepted).
29. Joshi, J.B.D., Du, Siqing, Joshi, Saubhagya R., "A Trust Based Access Control Management Framework for a Secure Grid Environment," Security in Distributed, Grid, and Pervasive Computing, 2006 (In Print).
30. Khedr, M., Karmouch, A., "Negotiating context Information in Context-Aware Systems," IEEE Intelligent Systems, Vol. 19, No. 6, Nov-Dec 2004.
31. Kanaskar, N. V., Topaloglu, Umit, Bayrak, Coskun, "Globus security model for grid environment," Software Engineering Notes Vol. 30, No. 6, 2005.
32. Osborn, S., Sandhu, R., Munawer, Q., "Configuring Role-based Access Control to Enforce Mandatory and Discretionary Access Control Policies," ACM Transactions on Information and System Security, 2000, pp. 85-106.
33. Piromruen, S., Joshi, J.B.D., "An RBAC Framework for Time Constrained Secure Interoperation in Multi-domain Environment," IEEE Workshop on Object-oriented Real-time Databases, 2005.
34. Sandhu, R., "Role hierarchies and constraints for lattice-based access controls," Computer Security - Esorics'96, LNCSN. 1146, 1996, pp. 65-79.
35. Sen, S., "Minimal Cost Set Covering Using Probabilistic Methods," Proceedings of the 1993 ACM/SIGAPP symposium on Applied computing: states of the art and practice. IN, USA, 1993, pp. 157-164.
36. Shafiq, B., Joshi, J.B.D., Bertino, E., Ghafoor, A., "Secure Interoperation in a Multi-Domain Environment Employing RBAC Policies," IEEE Transactions in Knowledge and Data Engineering, 2005.
37. Shehab, M., Bertino, E., Ghafoor, A, "SERAT: SEcure Role mApping Technique for Decentralized Secure Interoperability," In Proceedings of the ACM Symposium on Access Control, Models and Technologies, Stockholm, Sweden, 2005.
38. Skogsrud, H., Benatallah, B., Casati, F., "Model Driven Trust Negotiation for Web Services," IEEE Internet Computing, 2003, pp. 45-52.
39. Smith, T.J. and Ramakrishnan, L., "Joint policy management and auditing in virtual organizations," Grid Computing, 2003, pp. 117-124.