2nd International ICST Workshop on Trusted Collaboration

Research Article

A Request-Driven Secure Interoperation Framework in Loosely-Coupled Multi-domain Environments Employing RBAC Policies

  • @INPROCEEDINGS{10.1109/COLCOM.2007.4553805,
        author={Yue Zhang and James. B. D. Joshi},
        title={A Request-Driven Secure Interoperation Framework in Loosely-Coupled Multi-domain Environments Employing RBAC Policies},
        proceedings={2nd International ICST Workshop on Trusted Collaboration},
        publisher={IEEE},
        proceedings_a={TRUSTCOL},
        year={2008},
        month={6},
        keywords={Access control  Application software  Computer science  Context-aware services  Information science  International collaboration  Internet  Multilevel systems  Security  Web services},
        doi={10.1109/COLCOM.2007.4553805}
    }
    
  • Yue Zhang
    James. B. D. Joshi
    Year: 2008
    A Request-Driven Secure Interoperation Framework in Loosely-Coupled Multi-domain Environments Employing RBAC Policies
    TRUSTCOL
    IEEE
    DOI: 10.1109/COLCOM.2007.4553805
Yue Zhang1,*, James. B. D. Joshi2,*
  • 1: Department of Computer Science, University of Pittsburgh
  • 2: School of Information Science, University of Pittsburgh
*Contact email: zysxqn@cs.pitt.edu, jjoshi@sis.pitt.edu

Abstract

Multi-domain environments where distributed multiple organizations interoperate with each other are becoming a reality as witnessed by emerging Internet-based enterprise applications. Ensuring secure interoperation in such multi-domain environments has drawn considerable research works in the past, especially in tightly coupled, federated environments. However, methods applied to such environments are not suitable in emerging loosely-coupled environments where the interdomain interactions are transient and based on specific requirements within a given context (e.g., time, location), which is typical in web service, P2P and Grid-based applications. In this paper, we propose a request-driven secure interoperation framework to facilitate secure interoperation in loosely-coupled environments where the individual domains employ role-based access control policies. In particular, our proposed framework is driven by the service requirements and dynamically integrates relevant policy components between interacting domains.