skip to main content

Title: An interaction-based access control model (IBAC) for collaborative services

A collaboration is a collection of services that work together to achieve a common goal. Although collaborations help when tackling difficult problems, they lead to security issues. First, a collaboration is often performed by services that are drawn from different security domains. Second, a service interacts with multiple peer services during the collaboration. These interactions are not isolated from one another--e.g., data may flow through a sequence of different services. As a result, a service is exposed to multiple peer services in varying degrees, leading to different security threats. We identify the types of interactions that can be present in collaborations, and discuss the security threats due to each type. We propose a model for representing the collaboration context so that a service can be made aware of the existing interactions. We provide an access control model for a service participating in a collaboration. We couple our access control model with a policy model, so that the access requirements from collaborations can be expressed and evaluated.
Authors:
; ; ; ; ;
Publication Date:
OSTI Identifier:
928814
Report Number(s):
FERMILAB-PUB-08-100-CD
TRN: US200812%%351
DOE Contract Number:
AC02-07CH11359
Resource Type:
Journal Article
Research Org:
Fermi National Accelerator Laboratory (FNAL), Batavia, IL
Sponsoring Org:
USDOE
Country of Publication:
United States
Language:
English
Subject:
99 GENERAL AND MISCELLANEOUS//MATHEMATICS, COMPUTING, AND INFORMATION SCIENCE; SECURITY; SERVICE SECTOR; COOPERATION; MATHEMATICAL MODELS; INTERACTIONS; ENTRY CONTROL SYSTEMS Computing