The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)

Access Control Management and Security in Multi-Domain Collaborative Environments


Download PDF Document


Basit Shafiq

Tech report number

CERIAS TR 2006-19

Entry type



With the increase in information and data accessibility, there is a growing concern for security and privacy of data. In large corporate Intranets, the insider attack is a major security problem. Numerous studies have shown that unauthorized accesses, in particular by insiders, pose a major security threat for distributed enterprise environments. This problem is highly magnified in a multi-domain environment that spans multiple enterprises collaborating to meet their business requirements. The challenge is in developing new or extending existing security models for efficient security management and administration in multi-domain environments that allow extensive interoperation among individuals or systems belonging to different security domains. In this dissertation, we have addressed the issue of secure interoperation from policy management perspective. In particular, we have developed a policy-based framework that allows secure information and resource sharing in multi-domain environments supporting both tightly-coupled and loosely-coupled collaborations. The level of coupling in such environments is characterized by the degree of interoperation, the level of trust among domains, and the security, autonomy, and privacy requirements of the collaborating domains. The proposed framework provides efficient solutions and strategies for ensuring secure interoperation in both tightly-coupled and loosely-coupled multi-domain environments. This framework is designed for distributed systems that employ role based access control (RBAC) policies, and therefore addresses the secure interoperability requirements of emerging distributed application systems.



Key alpha



School of Electrical and Computer Engineering



Publication Date



Secure Interoperation Policy Composition Policy-based verification of distributed services/workflows Federated collaboration loosely-coupled collaboration Access control and security policies


secure interoperation; Policy Composition; distributed workflow composition; policy-based verification; access control


Secure Interoperation in Multi-Domain collaborative environment

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.