Research output: Contribution to journal › Journal article
|<mark>Journal publication date</mark>||06/2012|
|<mark>Journal</mark>||Computers and Security|
|Number of pages||17|
|Early online date||10/02/12|
Modern collaborative systems such as the Grid computing paradigm are capable of providing resource sharing between users and platforms. These collaborations need to be done in a transparent way among the participants of a virtual organization (VO). A VO may consist of hundreds of users and heterogeneous resources. In order to have a successful collaboration, a list of vital importance requirements should be fulfilled, viz. collaboration among domains, to ensure a secure environment during a collaboration, the ability to enforce usage constraints upon resources, and to manage the security policies in an easy and efficient way. In this article, we propose an enhanced role-based access control model entitled domRBAC for collaborative applications, which is based on the ANSI INCITS 359-2004 access control model. The domRBAC is capable of differentiating the security policies that need to be enforced in each domain and to support collaboration under secure inter-operation. Cardinality constraints along with context information are incorporated to provide the ability of applying simple usage management of resources for the first time in a role-based access control model. Furthermore, secure inter-operation is assured among collaborating domains during role assignment automatically and in real-time. Yet, domRBAC, as an RBAC approach, intrinsically inherits all of its virtues such as ease of management, and separation of duty relationships with the latter also being supported in multiple domains. As a proof of concept, we implement a simulator based on the definitions of our proposed access control model and conduct experimental studies to demonstrate the feasibility and performance of our approach. © 2012 Elsevier Ltd. All rights reserved.