A New Modeling Paradigm for Dynamic Authorization in Multi-domain Systems

  • Manoj Sastry
  • Ram Krishnan
Part of the Communications in Computer and Information Science book series (CCIS, volume 1)


The emergence of powerful, full-featured and small form-factor mobile devices enables rich services to be offered to it’s users. As the mobile user interacts with multiple administrative domains, he acquires various attributes. In such dynamic usage scenarios, attributes from one domain are interpreted and used in another domain. This motivates the need for dynamic authorization at the time of interaction. In this paper, we investigate the requirements of multi-domain interactions and explore a new paradigm for modeling these requirements using the UCON model for Usage Control [5]. We propose extensions to UCON in order to accommodate dynamic authorizations requirements.


Authorization Multi-domain UCON Attribute-based Access Control 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Covington, M., Sastry, M.: Contextual Attribute-based Access Control Model. In: Meersman, R., Tari, Z., Herrero, P. (eds.) On the Move to Meaningful Internet Systems 2006: OTM 2006 Workshops. LNCS, vol. 4278, Springer, Heidelberg (2006)CrossRefGoogle Scholar
  2. 2.
    Damiani, E., Vimercati, S., Samarati, P.: New Paradigms for Access Control in Open Environments. In: 5th IEEE Intl. Symposium on Signal Processing and Information, IEEE Computer Society Press, Los Alamitos (2005)Google Scholar
  3. 3.
    Freudenthal, E., Pesin, T., Port, L., Keenan, E., Karamcheti, V.: drbac: Distributed Role-based Access Control for Dynamic Coalition Environments. In: Proceedings of 22nd ICDCS, pp. 411–420 (2002)Google Scholar
  4. 4.
    Lepro, R.: Cardea: Dynamic Access Control in Distributed Systems. SYSTEM 3, 4 (2003)Google Scholar
  5. 5.
    Park, J., Sandhu, R.: The UCONABC Usage Control Model. TISSEC 7, 57–64 (2004)CrossRefGoogle Scholar
  6. 6.
    Hayton, R.J., Bacon, J.M., Moody, K.: Access Control in an Open Distributed Environment. In: IEEE Symposium on Security and Privacy, pp. 3–14. IEEE Computer Society Press, Los Alamitos (1998)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Manoj Sastry
  • Ram Krishnan

There are no affiliations available

Personalised recommendations