2nd International ICST Conference on Collaborative Computing: Networking, Applications and Worksharing

Research Article

An Integrated Framework for Trust-Based Access Control for Open Systems

  • @INPROCEEDINGS{10.1109/COLCOM.2006.361881,
        author={Michael Chuang and Suronapee Phoomvuthisarn and James B. D. Joshi},
        title={An Integrated Framework for Trust-Based Access Control for Open Systems},
        proceedings={2nd International ICST Conference on Collaborative Computing: Networking, Applications and Worksharing},
        publisher={IEEE},
        proceedings_a={COLLABORATECOM},
        year={2007},
        month={5},
        keywords={Access control Application software Data security Environmental management Grid computing Information security Mobile computing Open systems Peer to peer computing Privacy},
        doi={10.1109/COLCOM.2006.361881}
    }
    
  • Michael Chuang
    Suronapee Phoomvuthisarn
    James B. D. Joshi
    Year: 2007
    An Integrated Framework for Trust-Based Access Control for Open Systems
    COLLABORATECOM
    IEEE
    DOI: 10.1109/COLCOM.2006.361881
Michael Chuang1,*, Suronapee Phoomvuthisarn1,*, James B. D. Joshi1,*
  • 1: School of Information Sciences, University of Pittsburgh
*Contact email: mic44+@pitt.edu, sup14@pitt.edu, jjoshi@mail.sis.pitt.edu

Abstract

An important requirement of systems or application domains in emerging open environments is the capability to share information and services with other application domains that have different sets of protection requirements. When a domain needs to allow entities from previously unknown domains to access its resources, mechanisms should be in place to allow negotiating trust and services based on the sharing requirements of the interacting domains. We emphasize that a holistic framework for requirements-driven trust based secure interoperation is needed to facilitate interacting domains to access each other's local resources through access control policy mapping between the domains. In this paper, we present our ongoing work on developing a comprehensive framework for a trust based access control for secure interoperation, which tightly integrates role-based access control and inter-domain policy mapping mechanism with an integrated, game-theory based trust and service negotiation process. The framework being developed aims to address the complex requirements of an environment that represents the convergence of grid, peer-to-peer and mobile environments and workflow and multimedia technologies.