• DocumentCode
    1831175
  • Title

    Smatch Model: Extending RBAC Sessions in Virtualization Environment

  • Author

    Cuppens-Boulahia, Nora ; Cuppens, Frédéric ; Nuadi, Marie

  • Author_Institution
    LUSSI Dept., Univ. Eur. de Bretagne, Cesson Sevigne, France
  • fYear
    2011
  • fDate
    22-26 Aug. 2011
  • Firstpage
    17
  • Lastpage
    26
  • Abstract
    This paper extends RBAC sessions with share ability, reusability and switch ability properties. We define the Smatch (Secure Management of switch) model in which authorized users can join, leave, reopen and reuse dynamic sessions. In Smatch, subjects can also share sessions and dynamically switch their role or function with other subjects from the same or die rent organizations. Subjects can authenticate using their function which will automatically activate the set of roles associated with this function. The Smatch model is based on first order logic with actions. It provides means to specify contextual access control and authentication policies which apply to control functional behavior of dynamic sessions. We suggest an implementation of Smatch using virtual machines.
  • Keywords
    authorisation; virtual machines; RBAC sessions; Smatch model; access control; authentication policies; first order logic; secure management of switch; virtual machines; virtualization environment; Access control; Authentication; Context; Context modeling; Organizations; Switches; OrBAC; Session; Switch; Virtualization;
  • fLanguage
    English
  • Publisher
    ieee
  • Conference_Titel
    Availability, Reliability and Security (ARES), 2011 Sixth International Conference on
  • Conference_Location
    Vienna
  • Print_ISBN
    978-1-4577-0979-1
  • Electronic_ISBN
    978-0-7695-4485-4
  • Type

    conf

  • DOI
    10.1109/ARES.2011.13
  • Filename
    6045934