| separation of duty in trust-based collaboration | |
| Deng Lingli; He Yeping; Xu Ziyao | |
| 2009 | |
| 会议名称 | 4th International Conference on Information Security and Cryptology (Inscript 2008) |
| 会议录名称 | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) |
| 页码 | 370-388 |
| 会议日期 | DEC 14-17, |
| 会议地点 | Beijing, PEOPLES R CHINA |
| 收录类别 | 其他 |
| 出版地 | HEIDELBERGER PLATZ 3, D-14197 BERLIN, GERMANY |
| 出版者 | INFORMATION SECURITY AND CRYPTOLOGY |
| ISSN | 0302-9743 |
| ISBN | 978-3-642-01439-0 |
| 部门归属 | Deng, Lingli; He, Yeping; Xu, Ziyao Chinese Acad Sci, Inst Software, Beijing 100190, Peoples R China. |
| 摘要 | When domains employing heterogeneous RBAC policies collaborate by crossdomain role-role mappings, their local Separation of Duty constraints face the risk of breaching. We present the requirements for constraint-secure interoperation, to prohibit implicit authorizations that break constraints from other member domains, and propose a trust-based framework to ensure constraint-secure interoperation. The framework introduces cross-domain migration and remote assurance of constraints between mutually trusted domains to maximize interoperability, while ensuring separation of constraints between distrusted domains to minimize security risk. Specifically, we use a bitmap-based history-recording mechanism for member domains to analyze the interplay among innerdomain role hierarchies, crossdomain mappings and constraints. Algorithms of a fully distributed implementation, security proofs and illustrative usage cases for the proposed solution are provided. |
| 关键词 | Secure Collaboration |
| 主办者 | Chinese Assoc Cryptol Res, State Key Lab Informat Secur, Inst Software, Grad Univ Chinese Acad Sci, Natl Nat Sci Fdn China |
| 语种 | 英语 |
| 内容类型 | 会议论文 |
| URI标识 | http://ir.iscas.ac.cn/handle/311060/8366 |
| 专题 | 基础软件国家工程研究中心 |
| 推荐引用方式 GB/T 7714 | Deng Lingli,He Yeping,Xu Ziyao. separation of duty in trust-based collaboration[C]. HEIDELBERGER PLATZ 3, D-14197 BERLIN, GERMANY:INFORMATION SECURITY AND CRYPTOLOGY,2009:370-388. |
| 条目包含的文件 | ||||||
| 文件名称/大小 | 文献类型 | 版本类型 | 开放类型 | 使用许可 | ||
| separation of duty i(401KB) | 开放获取 | -- | 请求全文 | |||
除非特别说明,本系统中所有内容都受版权保护,并保留所有权利。
修改评论