A multi-domain role activation model

  title={A multi-domain role activation model},
  author={Vilmar Abreu and Altair Olivo Santin and Eduardo Kugler Viegas and Maicon Stihler},
  journal={2017 IEEE International Conference on Communications (ICC)},
Organizations establish partnerships in order to achieve a strategic goal. In many cases, resources in a given organization are accessed from external domains, characterizing multi-domain operations. This paper presents an approach to perform role activation in multi-domain environments. The active roles are imported in other domains from a user's home domain. Thus, a Single Role Activation (SRA) is performed, similarly to Single Sign-On (SSO) authentication. The administrative autonomy to… 

Figures from this paper

Intelligent Agent-Based RBAC Model to Support Cyber Security Alliance Among Multiple Organizations in Global IT Systems

Intelligent Agent-based RBAC (IA-RBAC) is proposed which discover the roles based upon real world concepts of occupations and job titles in any organization which fulfill the dynamicity of global IT systems as well as real world concept mapping into digital world.

Agent-Based Semantic Role Mining for Intelligent Access Control in Multi-Domain Collaborative Applications of Smart Cities

An Intelligent Role-based Access Control (I-RBAC) model is proposed that uses intelligent software agents for achieving intelligent access control in such highly dynamic multi-domain environments and promising results were obtained regarding the accuracy of automatically derived RDF triples from organizational text policies.

Capturing Dynamicity and Uncertainty in Security and Trust via Situational Patterns

This paper provides a classification of uncertainty of access control in Industry 4.0 systems and examples and derives situational patterns per type of uncertainty, which will serve as adaptation strategies in cases when, due to uncertainty, an unanticipated situation is encountered in the system.

Identity-Based Security: An Imperative for Cyber Security

Layer eight firewall provides a strong foundation on which an organization can adopt security and curtail the success of cyber security threats, and provides identity-based security, enterprise-wide visibility and deep monitoring of user activity based on specific users and groups rather than Internet Protocol addresses alone.

Identity and Access Management for IoT in Smart Grid

This work proposes a new two-step lightweight access control mechanism that leverages the established configuration to provide role-based authorization in the IoT context and shows that the proposal is more flexible, demanding less manual configuration, while also requires only 23% of message exchanges compared to other approaches in the literature.

A Long-Lasting Reinforcement Learning Intrusion Detection Model

This paper proposes a long-lasting reinforcement learning model for intrusion detection that withstands long periods without model updates and increases its accuracy when coped with the verification technique.

ATM & Biometric Solutions: A Case Study

It is shown that external factors especially cost and technological limitations prohibit widespread adoption of biometric-based retinal scans and implications for overall privacy and security that is present.

Facing the Unknown: A Stream Learning Intrusion Detection System for Reliable Model Updates

A novel stream learning intrusion detection model that maintains system accuracy, even in the presence of unknown traffic behavior, and eases the model update process by incrementally incorporating new knowledge into the machine learning model.

Sistema de Detecção de Intrusão Confiável Baseado em Aprendizagem por Fluxo

Sistemas de detecção de intrusão baseados em aprendizagem de máquina são amplamente propostos na literatura. Porém, apesar dos resultados promissores reportados, devido a falta de confiabilidade na

Towards Reliable Intrusion Detection in High Speed Networks

The proposed model advances the state-of-the-art in intrusion detection, providing reliable detection even in the presence of network traffic behavior changes and lack of model updates.



Unraveling decentralized authorization for multi-domain collaborations

  • Hannah K. Lee
  • Computer Science
    2007 International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom 2007)
  • 2007
This paper presents an extended analysis of different types of multi-domain collaborations based on various e-Government case studies as well as that of existing authorization solutions, and takes a top-down approach of explicitly highlighting generic and interoperable components for a decentralized authorization scheme.

dRBAC: distributed role-based access control for dynamic coalition environments

The paper describes the dRBAC model and its scalable implementation using a graph approach to credential discovery and validation and provides continuous monitoring of trust relationships over long-lived interactions.

Proposed NIST standard for role-based access control

Although RBAC continues to evolve as users, researchers, and vendors gain experience with its application, the features and components proposed in this standard represent a fundamental and stable set of mechanisms that may be enhanced by developers in further meeting the needs of their customers.

Inter-domain role based access control using ontology

This paper proposes a procedure to transform the access permission matrix of multiple domain environments into inter-domain access control ontology and shows that it is possible to formalize ontology for access permission of inter- domain security policy without any conflicts in terms ofinter-domain roles, services and domains in multipledomain environments.

Secure interoperation in a multidomain environment employing RBAC policies

This paper proposes a policy integration framework for merging heterogeneous role-based access control policies of multiple domains into a global access control policy, and proposes an integer programming (IP)-based approach for optimal resolution of conflicts.

Supporting Ad-hoc Collaboration with Group-based RBAC Model

A group-based RBAC model (GB-RBAC) is proposed that provides an easy way to employ RBAC policies to secure ad-hoc collaboration and virtual group is proposed in this model to allow secure information and resource sharing in multi-group collaboration environments.

Access-control language for multidomain environments

The XML role-based access control (X-RBAC) specification language addresses multidomain environments' policy-specification needs and provides a framework for specifying mediation policies in a multidomatic environment where RBAC policies have been employed.

Integral Federated Identity Management for Cloud Computing

The proposed architecture offers significant advantages over current offerings: it eases identity management without losing flexibility, offers better user tracking through the whole cloud computing layers, and enables the implementation of multi-provider environments through account data replication.

A survey of Identity Management technology

  • Yuan CaoLin Yang
  • Business
    2010 IEEE International Conference on Information Theory and Information Security
  • 2010
A survey of identity management from the perspectives of development stages and functions variety of Identity Management, which gives a rough classification of current systems to the corresponding paradigms and models.

Supporting RBAC with XACML+OWL

The basic idea is to decouple the design of an RBAC system by modeling the role hierarchy and the constraints with an OWL ontology and the authorization policies with XACML, and introduces new functions that extend policies with semantic reasoning services based on the OWLOntology.