A New Modeling Paradigm for Dynamic Authorization in Multi-domain Systems
The emergence of powerful, full-featured and small form-factor mobile devices enables rich services to be offered to it’s users. As the mobile user interacts with multiple administrative domains, he acquires various attributes. In such dynamic usage scenarios, attributes from one domain are interpreted and used in another domain. This motivates the need for dynamic authorization at the time of interaction. In this paper, we investigate the requirements of multi-domain interactions and explore a new paradigm for modeling these requirements using the UCON model for Usage Control . We propose extensions to UCON in order to accommodate dynamic authorizations requirements.
KeywordsAuthorization Multi-domain UCON Attribute-based Access Control
Unable to display preview. Download preview PDF.
- 2.Damiani, E., Vimercati, S., Samarati, P.: New Paradigms for Access Control in Open Environments. In: 5th IEEE Intl. Symposium on Signal Processing and Information, IEEE Computer Society Press, Los Alamitos (2005)Google Scholar
- 3.Freudenthal, E., Pesin, T., Port, L., Keenan, E., Karamcheti, V.: drbac: Distributed Role-based Access Control for Dynamic Coalition Environments. In: Proceedings of 22nd ICDCS, pp. 411–420 (2002)Google Scholar
- 4.Lepro, R.: Cardea: Dynamic Access Control in Distributed Systems. SYSTEM 3, 4 (2003)Google Scholar
- 6.Hayton, R.J., Bacon, J.M., Moody, K.: Access Control in an Open Distributed Environment. In: IEEE Symposium on Security and Privacy, pp. 3–14. IEEE Computer Society Press, Los Alamitos (1998)Google Scholar