An interaction-based access control model (IBAC) for collaborative services
A collaboration is a collection of services that work together to achieve a common goal. Although collaborations help when tackling difficult problems, they lead to security issues. First, a collaboration is often performed by services that are drawn from different security domains. Second, a service interacts with multiple peer services during the collaboration. These interactions are not isolated from one another--e.g., data may flow through a sequence of different services. As a result, a service is exposed to multiple peer services in varying degrees, leading to different security threats. We identify the types of interactions that can be present in collaborations, and discuss the security threats due to each type. We propose a model for representing the collaboration context so that a service can be made aware of the existing interactions. We provide an access control model for a service participating in a collaboration. We couple our access control model with a policy model, so that the access requirements from collaborations can be expressed and evaluated.
- Research Organization:
- Fermi National Accelerator Lab. (FNAL), Batavia, IL (United States)
- Sponsoring Organization:
- USDOE
- DOE Contract Number:
- AC02-07CH11359
- OSTI ID:
- 928814
- Report Number(s):
- FERMILAB-PUB-08-100-CD; TRN: US200812%%351
- Country of Publication:
- United States
- Language:
- English
Similar Records
Magnify: A Final Technical Report of the American Energy and Manufacturing Competitiveness Partnership
DeepView: A collaborative framework for distributed microscopy