Centralized Role-Based Access Control for Federated Multi-Domain Environments

• Published in: Wuhan University journal of natural sciences Vol. 11; no. 6; pp. 1688 - 1692
• Main Authors: Guangcan, Yu, Zhengding, Li, Ruixuan, Li, Sarem, Mudar
• Format: Journal Article
• Language: English; Chinese
• Published: College of Computer Science and Technology, Huazhong University of Science and Technology, Wuhan 430074, Hubei, China%School of Software Engineering, Huazhong University of Science and Technology, Wuhan 430074, Hubei, China 01.11.2006
• Subjects: RBAC; 信息安全; 存取控制; multi-domain; federated; RBAC(role based access control)
• ISSN: 1007-1202; 1993-4998
• DOI: 10.1007/BF02831851

The secure interaction among multiple security domains is a major concern. In this paper, we highlight the issues of secure interoperability among multiple security domains operating under the widely accepted Role Based Access Control （RBAC） model. We propose a model called CRBAC that easily establishes a global policy for roles mapping among multiple security domains. Our model is based on an extension of the RBAC model. Also, multiple security domains were composed to one abstract security domain. Also roles in the multiple domains are translated to permissions of roles in the abstract security domain. These permissions keep theirs hierarchies. The roles in the abstract security domain implement roles mapping among the multiple security domains. Then, authorized users of any security domain can transparently access resources in the multiple domains.