Request-Driven Role Mapping Framework for Secure Interoperation in Multi-Domain Environments.
出版社:
- 出版社:CRL Publishing
- 页数::193-207
- 出版年:2008
摘要内容:
This paper proposes a request-driven role mapping framework for secure interoperation in multi-domain environments. To support ?exible policy expressionand inter-domain policy mapping, we present a convenient and effective method to perform the privilege query in general hybrid role hierarchies for specialexternal requests based on the minimal unique set (MUS). Role mappings are the basic approach for the interoperation among multiple individual domains.To describe the relationships between roles practically, role mappings are divided into three types: I-mapping, A-mapping and IA-mapping. These mappingsdenote the forms of the different role hierarchies respectively. Role mappings are the major causes for various types of con?icts and inconsistenciesinmulti-domains. This paper analyses the reasons for generating these con?icts and presents the algorithms to resolve them. Compared to other researches,this method can ensure that the external user requests will be satis?ed and the local role hierarchies will be furthest preserved. Finally, the study of theinstance for interoperation among the various of?ces of a county shows the validity of this role mapping framework.
关键词:
- Role mapping;privilege query;confict resolution;minimal unique set; secure interoperation;multi-domain