Security analysis and validation for access control in multi-domain environment based on risk

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 6047 LNCS, Issue , 2010, Pages 201-216

  Tang, Zhuo ^a   Zhang, Shaohua ^a   Li, Kenli ^a   Feng, Benming ^a  

^a HUNAN UNIVERSITY   (China)

Author keywords

[No Author keywords available]

Indexed keywords

ACCESS CONTROL POLICIES; DYNAMIC ADJUSTMENT; EFFICIENT ALGORITHM; MULTI DOMAINS; PRECISE DEFINITION; RISK MODEL; ROLE-BASED; SAFETY ANALYSIS; SAFETY REQUIREMENTS; SECURITY ANALYSIS; SECURITY PROPERTIES; SIMILAR ANALYSIS; SINGLE DOMAINS; STATE TRANSITION SYSTEMS; TWO STAGE;

ACCESS CONTROL; ALGORITHMS; RISK ASSESSMENT;

SECURITY SYSTEMS;

EID: 78650285206     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: 10.1007/978-3-642-12827-1_15     Document Type: Conference Paper

References (15)

1. Joshi, J.B.D., Bertino, E.: Hybrid Role Hierarchy for Generalized Temporal Role Based Access Control Model. In: Proceedings of the 26th Annual International Computer Software and Applications Conference (COMPSAC 2002), Oxford, England, August 26-29 (2002).
2. Tang, Z., Li, R., Lu, Z., Wen, Z.: Dynamic Access Control Research for Inter-operation in Multi-domain Environment Based on Risk. In: Kim, S., Yung, M., Lee, H.-W. (eds.) WISA 2007. LNCS, vol. 4867, pp. 277-290. Springer, Heidelberg (2008).
3. Li, R., Tang, Z., Lu, Z.: A Request-driven Policy Framework for Secure Interoperation in Multi-domain Environment. International Journal of Computer Systems Science & Engineering 23(3), 193-206 (2008).
4. Li, N., Mitchell, J.C., Winsborough, W.H.: Beyond proof-of-compliance: Security analysis in trust management. Journal of the ACM 52(3), 474-514 (2005).
5. Li, N., Tripunitara, M.V.: Security Analysis in Role-Based Access Control. ACM Transactions on Information and System Security 9(4), 391-420 (2006).
6. Sandhu, R., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role Based Access Control Models. Computer 29(2) (February 1996).
7. Moyer, M.J., Covington, M.J., Ahamad, M.: Generalized role-based access control for securing future applications. In: 23rd National Information Systems Security Conference (NISSC 2000), Baltimore, Md, USA (October 2000).
8. Zhang, G., Parashar, M.: Context-Aware Dynamic Access Control for Pervasive Applications. In: Proceedings of the Communication Networks and Distributed Systems Modeling and Simulation Conference (CNDS 2004), Western MultiConference (WMC), San Diego, CA, USA (January 2004).
9. Dimmock, N., Belokosztolszki, A., Eyers, D., Bacon, J., Moody, K.: Using Trust and Risk in Role-Based Access Control Policies. In: Proceedings of Symposium on Access Control Models and Technologies (2004).
10. Grandison, T., Sloman, M.: A Survey of Trust in Internet Applications. IEEE Communications Surveys 3(4), 2-16 (Fourth Quarter 2000).
11. Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized trust management. In: Proceeding of IEEE Conference on Security and Privacy. AT&T (May 1996).
12. Li, N., Mitchell, J.C., Winsborough, W.H.: Design of a role-based trust management framework. In: 2002 IEEE Symposium on Security and Privacy, pp. 114-131. IEEE, Los Alamitos (2002).
13. Yao, W.T.-M.: Fidelis: A policy-driven trust management framework. In: Nixon, P., Terzis, S. (eds.) iTrust 2003. LNCS, vol. 2692, pp. 301-317. Springer, Heidelberg (2003).
14. Dimmock, N., Belokosztolszki, A., Eyers, D., et al.: Using Trust and Risk in Role-Based Access Control Policies. In: SACMAT 2004, New York, USA, June 2-4 (2004).
15. Koch, M., Mancini, L.V., Parisi-Presicce, F.: Decidability of safety in graph-based models for access control. In: Gollmann, D., Karjoth, G., Waidner, M. (eds.) ESORICS 2002. LNCS, vol. 2502, pp. 229-243. Springer, Heidelberg (2002).