Commenced in January 2007
Frequency: Monthly
Edition: International
Paper Count: 2

cross-domain Related Abstracts

2 BTG-BIBA: A Flexibility-Enhanced Biba Model Using BTG Strategies for Operating System

Authors: Gang Liu, Huimin Song, Can Wang, Runnan Zhang, Quan Wang, Shaomin Ji

Abstract:

Biba model can protect information integrity but might deny various non-malicious access requests of the subjects, thereby decreasing the availability in the system. Therefore, a mechanism that allows exceptional access control is needed. Break the Glass (BTG) strategies refer an efficient means for extending the access rights of users in exceptional cases. These strategies help to prevent a system from stagnation. An approach is presented in this work for integrating Break the Glass strategies into the Biba model. This research proposes a model, BTG-Biba, which provides both an original Biba model used in normal situations and a mechanism used in emergency situations. The proposed model is context aware, can implement a fine-grained type of access control and primarily solves cross-domain access problems. Finally, the flexibility and availability improvement with the use of the proposed model is illustrated.

Keywords: context, Biba model, break the glass, cross-domain, fine-grained

Procedia PDF Downloads 389
1 Research and Implementation of Cross-Domain Data Sharing System in Net-Centric Environment

Authors: Xiaoqing Wang, Li Li, Jianjian Zong, Yanxing Zheng, Jinrong Tong, Mao Zhan

Abstract:

With the rapid development of network and communication technology, a great deal of data has been generated in different domains of the network. These data show a trend of increasing scale and more complex structure. Therefore, an effective and flexible cross-domain data sharing system is needed. The Cross-domain Data Sharing System (CDSS) in a net-centric environment is composed of three sub-systems. The data distribution sub-system provides data exchange service through publish-subscribe technology that supports asynchronism and multi-to-multi communication, which adapts to the needs of the dynamic and large-scale distributed computing environment. The access control sub-system adopts Attribute-Based Access Control (ABAC) technology to uniformly model various data attributes such as subject, object, permission, and environment, which effectively monitors the activities of users accessing resources and ensures that legitimate users get effective access control rights within a legal time. The cross-domain access security negotiation subsystem automatically determines the access rights between different security domains in the process of interactive disclosure of digital certificates and access control policies through trust policy management and negotiation algorithms, which provides an effective means for cross-domain trust relationship establishment and access control in a distributed environment. The CDSS’s asynchronous,multi-to-multi, and loosely-coupled communication features can adapt well to data exchange and sharing in a dynamic, distributed, and large-scale network environment. Next, it will given CDSS new features to support the mobile computing environment.

Keywords: data exchange, data sharing, cross-domain, ABAC, publish-subscribe

Procedia PDF Downloads 2