Home > Research > Publications & Outputs > DomRBAC
View graph of relations

DomRBAC: an access control model for modern collaborative systems

Research output: Contribution to Journal/MagazineJournal articlepeer-review

Published

Standard

DomRBAC: an access control model for modern collaborative systems. / Gouglidis, Antonios; Mavridis, Ioannis.
In: Computers and Security, Vol. 31, No. 4, 06.2012, p. 540-556.

Research output: Contribution to Journal/MagazineJournal articlepeer-review

Harvard

APA

Vancouver

Gouglidis A, Mavridis I. DomRBAC: an access control model for modern collaborative systems. Computers and Security. 2012 Jun;31(4):540-556. Epub 2012 Feb 10. doi: 10.1016/j.cose.2012.01.010

Author

Gouglidis, Antonios ; Mavridis, Ioannis. / DomRBAC : an access control model for modern collaborative systems. In: Computers and Security. 2012 ; Vol. 31, No. 4. pp. 540-556.

Bibtex

@article{ea8090631986400d862f5d933eb19972,
title = "DomRBAC: an access control model for modern collaborative systems",
abstract = "Modern collaborative systems such as the Grid computing paradigm are capable of providing resource sharing between users and platforms. These collaborations need to be done in a transparent way among the participants of a virtual organization (VO). A VO may consist of hundreds of users and heterogeneous resources. In order to have a successful collaboration, a list of vital importance requirements should be fulfilled, viz. collaboration among domains, to ensure a secure environment during a collaboration, the ability to enforce usage constraints upon resources, and to manage the security policies in an easy and efficient way. In this article, we propose an enhanced role-based access control model entitled domRBAC for collaborative applications, which is based on the ANSI INCITS 359-2004 access control model. The domRBAC is capable of differentiating the security policies that need to be enforced in each domain and to support collaboration under secure inter-operation. Cardinality constraints along with context information are incorporated to provide the ability of applying simple usage management of resources for the first time in a role-based access control model. Furthermore, secure inter-operation is assured among collaborating domains during role assignment automatically and in real-time. Yet, domRBAC, as an RBAC approach, intrinsically inherits all of its virtues such as ease of management, and separation of duty relationships with the latter also being supported in multiple domains. As a proof of concept, we implement a simulator based on the definitions of our proposed access control model and conduct experimental studies to demonstrate the feasibility and performance of our approach.",
keywords = "Access control, Cross-domain authorization, Grid computing, RBAC, Resource usage management, Secure inter-operation",
author = "Antonios Gouglidis and Ioannis Mavridis",
year = "2012",
month = jun,
doi = "10.1016/j.cose.2012.01.010",
language = "English",
volume = "31",
pages = "540--556",
journal = "Computers and Security",
issn = "0167-4048",
publisher = "Elsevier Ltd",
number = "4",

}

RIS

TY - JOUR

T1 - DomRBAC

T2 - an access control model for modern collaborative systems

AU - Gouglidis, Antonios

AU - Mavridis, Ioannis

PY - 2012/6

Y1 - 2012/6

N2 - Modern collaborative systems such as the Grid computing paradigm are capable of providing resource sharing between users and platforms. These collaborations need to be done in a transparent way among the participants of a virtual organization (VO). A VO may consist of hundreds of users and heterogeneous resources. In order to have a successful collaboration, a list of vital importance requirements should be fulfilled, viz. collaboration among domains, to ensure a secure environment during a collaboration, the ability to enforce usage constraints upon resources, and to manage the security policies in an easy and efficient way. In this article, we propose an enhanced role-based access control model entitled domRBAC for collaborative applications, which is based on the ANSI INCITS 359-2004 access control model. The domRBAC is capable of differentiating the security policies that need to be enforced in each domain and to support collaboration under secure inter-operation. Cardinality constraints along with context information are incorporated to provide the ability of applying simple usage management of resources for the first time in a role-based access control model. Furthermore, secure inter-operation is assured among collaborating domains during role assignment automatically and in real-time. Yet, domRBAC, as an RBAC approach, intrinsically inherits all of its virtues such as ease of management, and separation of duty relationships with the latter also being supported in multiple domains. As a proof of concept, we implement a simulator based on the definitions of our proposed access control model and conduct experimental studies to demonstrate the feasibility and performance of our approach.

AB - Modern collaborative systems such as the Grid computing paradigm are capable of providing resource sharing between users and platforms. These collaborations need to be done in a transparent way among the participants of a virtual organization (VO). A VO may consist of hundreds of users and heterogeneous resources. In order to have a successful collaboration, a list of vital importance requirements should be fulfilled, viz. collaboration among domains, to ensure a secure environment during a collaboration, the ability to enforce usage constraints upon resources, and to manage the security policies in an easy and efficient way. In this article, we propose an enhanced role-based access control model entitled domRBAC for collaborative applications, which is based on the ANSI INCITS 359-2004 access control model. The domRBAC is capable of differentiating the security policies that need to be enforced in each domain and to support collaboration under secure inter-operation. Cardinality constraints along with context information are incorporated to provide the ability of applying simple usage management of resources for the first time in a role-based access control model. Furthermore, secure inter-operation is assured among collaborating domains during role assignment automatically and in real-time. Yet, domRBAC, as an RBAC approach, intrinsically inherits all of its virtues such as ease of management, and separation of duty relationships with the latter also being supported in multiple domains. As a proof of concept, we implement a simulator based on the definitions of our proposed access control model and conduct experimental studies to demonstrate the feasibility and performance of our approach.

KW - Access control

KW - Cross-domain authorization

KW - Grid computing

KW - RBAC

KW - Resource usage management

KW - Secure inter-operation

U2 - 10.1016/j.cose.2012.01.010

DO - 10.1016/j.cose.2012.01.010

M3 - Journal article

AN - SCOPUS:84861095268

VL - 31

SP - 540

EP - 556

JO - Computers and Security

JF - Computers and Security

SN - 0167-4048

IS - 4

ER -