Centralized Role-Based Access Control for Federated Multi-Domain Environments
The secure interaction among multiple security domains is a major concern. In this paper, we highlight the issues of secure interoperability among multiple security domains operating under the widely accepted Role Based Access Control (RBAC) model. We propose a model called CRBAC that easily establi...
Saved in:
Published in | Wuhan University journal of natural sciences Vol. 11; no. 6; pp. 1688 - 1692 |
---|---|
Main Authors | , , , |
Format | Journal Article |
Language | English Chinese |
Published |
College of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan 430074, Hubei, China%School of Software Engineering, Huazhong University of Science and Technology, Wuhan 430074, Hubei, China
01.11.2006
|
Subjects | |
Online Access | Get full text |
Cover
Loading…
Summary: | The secure interaction among multiple security domains is a major concern. In this paper, we highlight the issues of secure interoperability among multiple security domains operating under the widely accepted Role Based Access Control (RBAC) model. We propose a model called CRBAC that easily establishes a global policy for roles mapping among multiple security domains. Our model is based on an extension of the RBAC model. Also, multiple security domains were composed to one abstract security domain. Also roles in the multiple domains are translated to permissions of roles in the abstract security domain. These permissions keep theirs hierarchies. The roles in the abstract security domain implement roles mapping among the multiple security domains. Then, authorized users of any security domain can transparently access resources in the multiple domains. |
---|---|
Bibliography: | TP305 federated RBAC(role based access control) 42-1405/N RBAC(role based access control); federated; multi-domain multi-domain SourceType-Scholarly Journals-2 ObjectType-Feature-2 ObjectType-Conference Paper-1 content type line 23 SourceType-Conference Papers & Proceedings-1 ObjectType-Article-3 |
ISSN: | 1007-1202 1993-4998 |
DOI: | 10.1007/BF02831851 |