Role mapping is a basic technique for facilitating interoperation in RBAC-based collaborating environments. However, role mapping lacks the flexibility to specify access control policies in the scenarios where the access control is not a simple action, but consists of a sequence of actions and events from subjects and system. In this paper, we propose an attribute mapping technique to establish secure context in multi-domain environments. We first classify attributes into eight types and show that only two types of attributes need to be translated. We second give the definition of attribute mapping technique, and analysis the properties of attribute mapping. Finally, we study how cardinality constraint violation arises and shows that it is efficient to resolve this security violation.
Reasoning about Secure Interoperation Using Soft Constraints
