• PDF / 282,878 Bytes
• 14 Pages / 430 x 660 pts Page_size
• 44 Downloads / 181 Views

DOWNLOAD

REPORT

Abstract. For the complexity of the multi-domain environment and the ceaseless evolvement of the information secure sharing, the traditional access control method can not ensure the absolute security for the exchange of data resources. Through introducing the concept of risk, this paper proposes a dynamic access control model for multi-domain environment based on risk of inter-operations. The risk rank of an access policy can be calculated by the history of the inter-operations among domains, the security degree of the objects and the safety factor of the access events. Through adjusting the access policies which be considered the high risk, the risk in the system can be controlled in real time. The security analysis shows that this method can reinforce the facility of the access control and the security of the multi-domain environment.

1

Introduction

With the increase in information and data accessibility, there is a growing concern for security and privacy of data. The realization of the connections and the inter-operations among the different data sources under the distributed heterogeneous environment is becoming the practical problem. There is a growing concern for the security problem for the inter-operations between multi-domains. More and more researches try to resolve the defense for the vicious behaviors through the economic methods. In fact, recent research in these directions has suggested some economical models for a wide range of secure distributed systems, including a payment based security system for mobile agents [1] and game based model for secured grid computing [2]. However, risk remains un-quantified in these proposals. In fact, there exists an emerging consensus that every security question is indeed an economical question concerning the utility of the underlying system [3]. For example, it is easy to show that in a mobile agent based e-commerce system, both the protection of agents and hosts have a direct impact 

This work is partially supported by National Natural Science Foundation of China under Grant 60403027, Natural Science Foundation of Hubei Province under Grant 2005ABA258, Open Foundation of State Key Laboratory of Software Engineering under Grant SKLSE05-07.

S. Kim, M. Yung, and H.-W. Lee (Eds.): WISA 2007, LNCS 4867, pp. 277–290, 2007. c Springer-Verlag Berlin Heidelberg 2007 

278

Z. Tang et al.

on the utility: attacks on a host by malicious agents will cause loss of commercial secrets such as customers private information, downtime to the system, loss of customers, which will eventually be counted as utility loss. Attacks on agents will result in similar consequences that will also lead to the lost of utility. Thus utility maximization and risk minimization are important issues in the design of a secure distributed system if we seek to gain maximum economical benefits from the underlying system. This is also an important target of the distributed system security. But at present, there are little literatures to demonstrate the actual signification of the risk of distributed

Recommend Documents

Environment-Sensitive Access Control

141 8 239KB

Modified Chebyshev polynomial-based access control mechanism for secured data access in cloud computing environment

168 89 2MB

Dynamic Role-Based Access Control for Decentralized Applications

180 25 15MB

Context-Aware Dynamic Access Control

208 38 239KB

A flexible fine-grained dynamic access control approach for cloud computing environment

156 75 2MB

A Conceptual Model for Dynamic Access Control in Hadoop Ecosystem

173 74 23MB

Time-based Access Control

178 16 2MB

Identity-based Access Control

209 79 2MB

Role Based Access Control

139 29 2MB

Access Control Based on Code Identity for Open Distributed Systems

166 49 7MB

Geotemporal Role-Based Access Control

148 16 239KB

Geo-Role-Based Access Control

150 46 239KB