Access Control Management and Security in Multi-Domain Collaborative Environments
Tech report number
CERIAS TR 2006-19
With the increase in information and data accessibility, there is a growing concern for security and privacy of data. In large corporate Intranets, the insider attack is a major security problem. Numerous studies have shown that unauthorized accesses, in particular by insiders, pose a major security threat for distributed enterprise environments. This problem is highly magnified in a multi-domain environment that spans multiple enterprises collaborating to meet their business requirements. The challenge is in developing new or extending existing security models for efficient security management and administration in multi-domain environments that allow extensive interoperation among individuals or systems belonging to different security domains. In this dissertation, we have addressed the issue of secure interoperation from policy management perspective. In particular, we have developed a policy-based framework that allows secure information and resource sharing in multi-domain environments supporting both tightly-coupled and loosely-coupled collaborations. The level of coupling in such environments is characterized by the degree of interoperation, the level of trust among domains, and the security, autonomy, and privacy requirements of the collaborating domains. The proposed framework provides efficient solutions and strategies for ensuring secure interoperation in both tightly-coupled and loosely-coupled multi-domain environments. This framework is designed for distributed systems that employ role based access control (RBAC) policies, and therefore addresses the secure interoperability requirements of emerging distributed application systems.
School of Electrical and Computer Engineering
Secure Interoperation Policy Composition Policy-based verification of distributed services/workflows Federated collaboration loosely-coupled collaboration Access control and security policies
secure interoperation; Policy Composition; distributed workflow composition; policy-based verification; access control
Secure Interoperation in Multi-Domain collaborative environment