Trusted and Efficient Cross-Domain Access Control System Based on Blockchain

In a distributed system, cross-domain access control is an important mechanism to realize secure data sharing among multiple domains. Most of the existing cross-domain access control mechanisms are generally based on a single-server architecture, which has limitations in terms of security and reliability (the access decision may be incorrect) and completeness and confidentiality (the access records can be modified). Blockchain technology with decentralization, verifiability, and immutability properties can solve these problems. Motivated by these facts, in this article, we construct a trusted and efficient cross-domain access control system based on blockchain. Consequently, we integrate blockchain and role mapping technology to provide reliable and verifiable cross-domain access process. We use blockchain to record user roles, role mapping rules, access policies, and audit records, realizing user self-validation, and access nonreputation. Considering the low throughput of the blockchain, we design an efficient smart contract to make the access decision based on the access history of users. Finally, a performance evaluation of the system is presented to demonstrate the feasibility of the proposed system.

Parallel Access Control Model in Cross-Domain Grid Computing Environment

Despite the various attractive features that grid computing has to offer, it has many great security challenges, such as access control. With the expansion of the network scale, a large number of authorization requests have to be treated; on the other hand, the multi-domain nature of grid computing generates difficult to manage questions about cross-domain access control, and a variety of solutions use the role mapping mechanism to allow collaborations between domains. But this mechanism gives a potential risk of violating consistency properties of domains. This article aims to address this issue and proposes a parallel access control model in cross-domain grid computing architecture to be more convenient to the security requirements of the multi-domain environment. Finally, as a proof of concept, the authors implement a cross-domain and parallel authorization simulator (CD-PAS) where experiments are done. The obtained results show that the proposed model is sensitive to the number of authorization requests. In addition, it can effectively reduce the execution time of access control mechanism.

From preventative to predictive maintenance: The organisational challenge

Introduction of new technology (technology implementation) within an organisation can have wide reaching implications, beyond the effectiveness and efficiency savings that are typically the aim of such an endeavour. The ‘Health and Prognostic Assessment of Railway Assets for Predictive Maintenance’ project developed a prognostic tool, which aimed to support enhancement of the London underground’s remote condition monitoring system to support change from reactive and preventative to predictive maintenance, in order to increase effectiveness and efficiency and reduce lost customer hours. This paper investigates the organisational challenges associated with the introduction of such a tool. The paper describes the approach adopted to model the extant maintenance processes (focusing on role mapping) and associated organisational structures which revealed issues such as unclear processes, poor communication and data sharing links and problems with delineation of responsibility for decision making. It also describes the development of a new maintenance process model that incorporates the additional functionality of the new prognostic tool, taking in to account changes of roles, responsibilities, organisational processes and activities.