Link to the University of Pittsburgh Homepage
Link to the University Library System Homepage Link to the Contact Us Form

Secure interoperation in a multidomain environment employing RBAC policies

Shafiq, B and Joshi, JBD and Bertino, E and Ghafoor, A (2005) Secure interoperation in a multidomain environment employing RBAC policies. IEEE Transactions on Knowledge and Data Engineering, 17 (11). 1557 - 1577. ISSN 1041-4347

[img] Plain Text (licence)
Available under License : See the attached license file.

Download (1kB)


Multidomain application environments where distributed multiple organizations interoperate with each other are becoming a reality as witnessed by emerging Internet-based enterprise applications. Composition of a global coherent security policy that governs information and resource accesses in such environments is a challenging problem. In this paper, we propose a policy integration framework for merging heterogeneous Role-Based Access Control (RBAC) policies of multiple domains into a global access control policy. A key challenge in composition of this policy is the resolution of conflicts that may arise among the RBAC policies of individual domains. We propose an integer programming (IP)-based approach for optimal resolution of such conflicts. The optimality criterion is to maximize interdomain role accesses without exceeding the autonomy losses beyond the acceptable limit. © 2005 IEEE.


Social Networking:
Share |


Item Type: Article
Status: Published
CreatorsEmailPitt UsernameORCID
Shafiq, B
Joshi, JBDjjoshi@pitt.eduJJOSHI0000-0003-4519-9802
Bertino, E
Ghafoor, A
Date: 1 November 2005
Date Type: Publication
Journal or Publication Title: IEEE Transactions on Knowledge and Data Engineering
Volume: 17
Number: 11
Page Range: 1557 - 1577
DOI or Unique Handle: 10.1109/tkde.2005.185
Schools and Programs: School of Information Sciences > Information Science
Refereed: Yes
ISSN: 1041-4347
Date Deposited: 30 Oct 2012 20:38
Last Modified: 01 May 2020 12:55


Monthly Views for the past 3 years

Plum Analytics

Actions (login required)

View Item View Item