An Efficient Algorithm of Role Mapping across Security Domains in Datasharing Environments
There are many distributed, autonomous, heterogeneous and dynamic data sources in data sharing environment. In order to achieve the goal of global data sharing without compromising the security of local domain respectively, it is necessary to establish an access control mechanism to satisfy the security need of data sharing across multi-domain. In this paper, a criterion based algorithm for role mapping across multi-domain is proposed. The algorithm not only resolves the conflicts of cyclic inheritance and separation of duties, but also makes the establishment of role mapping more efficiently by preserving the historical information of role mapping paths established successfully before. Evaluation by access instances shows that the algorithm meets the demands of access control in multi-domains and scales very well.
data sharing security domain RBAC role mapping across multi-domains
Wang Xiaoqing Gu Tianyang Guo Yong Zheng Yanxing Zong Jianjian
Department of Computer Science and Technology,Tsinghua University;Beijing Institute of System Engine Beijing Institute of System Engineering,China
国际会议
The Ninth International Conference on Web-Age Information Management(第九届web时代信息管理国际会议)(WAIM 2008)
张家界
英文
2008-07-20(万方平台首次上网日期,不代表论文的发表时间)