• Cuihua Zuo，Ruixuan Li ，Hongmu Han ，Zhengding Lu

• 会议名称： 2007 International Conference on Computational Intelligence and Security (CIS 2007)
• 举办地点：Harbin,China
• 举办日期：15-19 December，2007
• 页数：735-739

Multi-domain application environments where distributed domains interoperate with each other are becoming a reality in Internet-based enterprise applications. The secure interoperation in a multi-domain environment is a challenging problem. Role-based access control (RBAC) is used for specifying the security requirements of multi-domain applications in this paper. Then, role mapping relationship between domains is described by XML documents. Furthermore, the situations where dynamic role mapping violates separation of duties (SoD) which is one of the three basic security principles for the RBAC model are analyzed in detail, and relevant algorithms to detect the above security problem are designed in this paper.