A Theoretical Study on Access Control Model in Federated Systems

  • Anant V. Nimkar
  • Soumya K. Ghosh
Part of the Communications in Computer and Information Science book series (CCIS, volume 420)


The federation is a special case of open system where the resources are controlled and accessed by cooperation of one or more roles in the federation. The federation system needs a few special treatments like a subset ownership (i.e. multiple user ownership) of the objects, dynamic access right allocation etc. The treatments can not be handled by any combination of mandatory, discretionary and role-based access control models (i.e. MAC, DAC and RBAC). This paper gives a theoretical study on an access control model in federating systems by analysing the nature of subjects, objects and their relationships; and then proposes a generic access control model for any federation system. The safety proof shows that the federation system always remains in a safe state using the proposed federation access control model.


Access control models Distributed security Federation 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Barker, S., Genovese, V.: Secommunity: A framework for distributed access control. In: Delgrande, J.P., Faber, W. (eds.) LPNMR 2011. LNCS, vol. 6645, pp. 297–303. Springer, Heidelberg (2011)CrossRefGoogle Scholar
  2. 2.
    Bell, D., LaPadula, L.: Secure computer systems: Mathematical foundations. Technical Report MTR-2547, vol. I. MITRE Corporation, Bedford (1973)Google Scholar
  3. 3.
    Biba, J.K.: Integrity considerations for secure computer systems. MITRE Co., technical report ESD-TR 76-372, pp. 1–68 (April 1977)Google Scholar
  4. 4.
    Brewer, D.F.C., Nash, M.J.: The chinese wall security policy. In: IEEE Symposium on Security and Privacy, pp. 206–214 (1989)Google Scholar
  5. 5.
    Buyya, R., Ranjan, R., Calheiros, R.N.: Intercloud: utility-oriented federation of cloud computing environments for scaling of application services. In: Hsu, C.-H., Yang, L.T., Park, J.H., Yeo, S.-S. (eds.) ICA3PP 2010, Part I. LNCS, vol. 6081, pp. 13–31. Springer, Heidelberg (2010)CrossRefGoogle Scholar
  6. 6.
    Decat, M., Lagaisse, B., Joosen, W.: Toward efficient and confidentiality-aware federation of access control policies. In: Proceedings of the 7th Workshop on Middleware for Next Generation Internet Computing, MW4NG 2012, pp. 4:1–4:6. ACM, NY (2012)Google Scholar
  7. 7.
    Denning, D.E.: A lattice model of secure information flow. Commun. ACM 19(5), 236–243 (1976)CrossRefzbMATHMathSciNetGoogle Scholar
  8. 8.
    Dong, G., Cui, G., Shi, W., Miao, Y.: Community health records and hospital medical record file sharing system model. In: 2011 IEEE 2nd International Conference on Software Engineering and Service Science (ICSESS), pp. 146–148 (2011)Google Scholar
  9. 9.
    Ferraiolo, D., Kuhn, D.: Role-based access control. In: 15th National Computer Security Conference, pp. 554–563 (October 1992)Google Scholar
  10. 10.
    Rao, V., Jaeger, T.: Dynamic mandatory access control for multiple stakeholders. In: Proceedings of the 14th ACM Symposium on Access Control Models and Technologies, SACMAT 2009, pp. 53–62. ACM, New York (2009)Google Scholar
  11. 11.
    Wang, S., Zhang, Y.: A formalization of distributed authorization with delegation. In: Boyd, C., González Nieto, J.M. (eds.) ACISP 2005. LNCS, vol. 3574, pp. 303–315. Springer, Heidelberg (2005)CrossRefGoogle Scholar
  12. 12.
    Wenchao, Z., Yafen, L.: Federation access control model based on web-service. In: 2010 International Conference on E-Business and E-Government (ICEE), pp. 38–41 (2010)Google Scholar
  13. 13.
    Zhang, R., Liu, L.: Security models and requirements for healthcare application clouds. In: 2010 IEEE 3rd International Conference on Cloud Computing (CLOUD), pp. 268–275 (2010)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2014

Authors and Affiliations

  • Anant V. Nimkar
    • 1
  • Soumya K. Ghosh
    • 1
  1. 1.Indian Institute of Technology, KharagpurIndia

Personalised recommendations