Title :
A directed acyclic graph based detection for RBAC based secure interoperation
Author :
Chen, Xiyuan ; Zhu, Miaoliang
Author_Institution :
Coll. of Comput. Sci., Zhejiang Univ., Hangzhou, China
Abstract :
Collaboration enables domains to share resources effectively; however, it introduces several security and privacy challenges. To guarantee secure interoperation in a complex distributed environment, an RBAC based secure interoperation model was proposed. Based on the inherent characteristics of the RBAC system, a directed acyclic graph based detection method for security violations was investigated. We also classified the conflicts according to the features of each of the four parts of the NIST RBAC model: conflicts resulting from unrelated roles, conflicts that arise from related roles and conflicts due to separation of duty. The targeted detection method for each type of conflict was illustrated systematically. Therefore, the corresponding detection method can be applied to different types of conflicts according to the actual application environment. Furthermore, we analyzed the algorithmic complexity of the method and demonstrated the application of the directed acyclic graph based detection method with case studies in realistic scenarios.
Keywords :
authorisation; computational complexity; data privacy; directed graphs; open systems; RBAC based secure interoperation model; algorithmic complexity; complex distributed environment; directed acyclic graph based detection; privacy; role-based access control; security violation; Access control; Algorithm design and analysis; Application software; Computer science; Computer security; Educational institutions; Information security; Power system modeling; Power system security; Privacy; Conflict Detection; Directed Acyclic Graph; RBAC; Security Interoperation;
Conference_Title :
Mobile Adhoc and Sensor Systems, 2009. MASS '09. IEEE 6th International Conference on
Conference_Location :
Macau
Print_ISBN :
978-1-4244-5113-5
DOI :
10.1109/MOBHOC.2009.5336922