An Attribute-Based Cross-Domain Access Control Model for a Distributed Multiple Autonomous Network

2020 ◽  
Vol 30 (11n12) ◽  
pp. 1851-1865
Author(s):  
Yunpeng Zhang ◽  
Xin Liu

The distributed multiple autonomous network has become the main trend of modern information systems, such as Cloud, Service-Oriented Architecture (SOA) and Internet of Things (IoT). Access control in such a heterogeneous and dynamic system has become a major information security challenge, which hinders the sharing of resources and information. In this work, we present an Attribute-Based Access Control (ABAC) model for cross-domain access control. The proposed access control model comprises a boundary control server designed to provide cross-domain access control capability. An eXtensible Access Control Markup Language (XACML) policy model-based implementation is introduced. The process and implementation show that the proposed model alleviates the security risk on the domain boundary during the cross-domain access control process.


2014 ◽  
Vol 24 (3) ◽  
pp. 564-574
Author(s):  
Jia-Bin YUAN ◽  
Li-Li WEI ◽  
Qing-Hua ZENG


Author(s):  
Sarra Namane ◽  
Nassira Ghoualmi

Despite the various attractive features that grid computing has to offer, it faces many significant security challenges, such as access control. With the expansion of the network scale, a large number of authorization requests have to be handled; in addition, the multi-domain nature of grid computing raises difficult-to-manage questions about cross-domain access control, and a variety of solutions use the role mapping mechanism to allow collaboration between domains. This mechanism, however, carries a potential risk of violating the consistency properties of domains. This article aims to address this issue and proposes a parallel access control model in a cross-domain grid computing architecture that is better suited to the security requirements of the multi-domain environment. Finally, as a proof of concept, the authors implement a cross-domain and parallel authorization simulator (CD-PAS) on which experiments are run. The obtained results show that the proposed model is sensitive to the number of authorization requests. In addition, it can effectively reduce the execution time of the access control mechanism.



2021 ◽  
Author(s):  
Hua Zhang ◽  
Hao Wang ◽  
Dong Liu ◽  
Chunru Zhou ◽  
Fang Lou




Author(s):  
Elisa Bertino ◽  
Anna C. Squicciarini ◽  
Lorenzo Martino ◽  
Federica Paci

This paper presents an innovative access control model, referred to as Web service Access Control Version 1 (Ws-AC1), specifically tailored to Web services. The most distinguishing features of this model are the flexible granularity in protection objects and negotiation capabilities. Under Ws-AC1, an authorization can be associated with a single service and can specify for which parameter values the service can be authorized for use, thus providing a fine access control granularity. Ws-AC1 also supports coarse granularities in protection objects in that it provides the notion of service class under which several services can be grouped. Authorizations can then be associated with a service class and automatically propagated to each element in the class. The negotiation capabilities of Ws-AC1 are related to the negotiation of identity attributes and the service parameters. Identity attributes refer to information that a party requesting a service may need to submit in order to obtain the service. The access control policy model of Ws-AC1 supports the specification of policies in which conditions are stated, specifying the identity attributes to be provided and constraints on their values. In addition, conditions may also be specified against context parameters, such as time. To enhance privacy and security, the actual submission of these identity attributes is executed through a negotiation process. Parameters may also be negotiated when a subject requires use of a service with certain parameter values that, however, are not authorized under the policies in place. In this paper, we provide the formal definitions underlying our model and the relevant algorithms, such as the access control algorithm. We also present an encoding of our model in the Web Services Description Language (WSDL) standard for which we develop an extension, required to support Ws-AC1.







2020 ◽  
Vol 12 (6) ◽  
pp. 103
Author(s):  
Hany F. Atlam ◽  
Muhammad Ajmal Azad ◽  
Madini O. Alassafi ◽  
Abdulrahman A. Alshdadi ◽  
Ahmed Alenezi

Most current access control models are rigid, as they are designed using static policies that always give the same outcome in different circumstances. In addition, they cannot adapt to environmental changes and unpredicted situations. With dynamic systems such as the Internet of Things (IoT) with billions of things that are distributed everywhere, these access control models are obsolete. Hence, dynamic access control models are required. These models utilize not only access policies but also contextual and real-time information to determine the access decision. One of these dynamic models is the risk-based access control model. This model estimates the security risk value related to the access request dynamically to determine the access decision. Recently, the risk-based access control model has attracted the attention of several organizations and researchers to provide more flexibility in accessing system resources. Therefore, this paper provides a systematic review and examination of the state of the art of the risk-based access control model to provide a detailed understanding of the topic. Based on the selected search strategy, 44 articles (of 1044 articles) were chosen for a closer examination. The contributions of the selected articles were summarized. In addition, the risk factors used to build the risk-based access control model were extracted and analyzed. The risk estimation techniques used to evaluate the risks of access control operations were also identified.


