DocumentCode
1831175
Title
Smatch Model: Extending RBAC Sessions in Virtualization Environment
Author
Cuppens-Boulahia, Nora ; Cuppens, Frédéric ; Nuadi, Marie
Author_Institution
LUSSI Dept., Univ. Eur. de Bretagne, Cesson Sevigne, France
fYear
2011
fDate
22-26 Aug. 2011
Firstpage
17
Lastpage
26
Abstract
This paper extends RBAC sessions with share ability, reusability and switch ability properties. We define the Smatch (Secure Management of switch) model in which authorized users can join, leave, reopen and reuse dynamic sessions. In Smatch, subjects can also share sessions and dynamically switch their role or function with other subjects from the same or die rent organizations. Subjects can authenticate using their function which will automatically activate the set of roles associated with this function. The Smatch model is based on first order logic with actions. It provides means to specify contextual access control and authentication policies which apply to control functional behavior of dynamic sessions. We suggest an implementation of Smatch using virtual machines.
Keywords
authorisation; virtual machines; RBAC sessions; Smatch model; access control; authentication policies; first order logic; secure management of switch; virtual machines; virtualization environment; Access control; Authentication; Context; Context modeling; Organizations; Switches; OrBAC; Session; Switch; Virtualization;
fLanguage
English
Publisher
ieee
Conference_Titel
Availability, Reliability and Security (ARES), 2011 Sixth International Conference on
Conference_Location
Vienna
Print_ISBN
978-1-4577-0979-1
Electronic_ISBN
978-0-7695-4485-4
Type
conf
DOI
10.1109/ARES.2011.13
Filename
6045934
Link To Document