Inter-Operability In Incompatible Access Control Models
Keywords:
Role Based Access Control Model, Attribute Based Access Control Model, eXtensible Access Control Markup Language, Policy Segregator,Policy GeneratorAbstract
Sharing of resources across an interoperable environment has it’s own fair share of pros and cons. The sharing of resources or data in an interoperable environment enhances the quality of services and the productivity among the organizations. The pros of an interoperable environment are mitigated by it’s cons. The resources and data of the organisations are under constant threat of being accessed beyond the authorization privileges specified to them. In an intra-operable environment, these threats of accessing beyond the privileges specified are nullified by defining Security Policies (SP) and implementing these defined Security Policies (SP) through Access Control Models. In an inter-operable environment, defining Security Policies (SP) for the whole environment can be a tedious and a complex task. This approach makes the system a rigid one and performs poorly while handling a large number of users/entities i.e it is not scalable. This approach will be more complex when both the organisations employ incompatible Access Control Models. A more effective approach would be to design a system which is efficient enough to make the Access Control Models in the environment compatible with each other. This can be achieved by designing a system which can dynamically generate Access Control Policies (ACPs) for a specific Access Control Model, which are compatible with the remaining Access Control Models in the environment. In this paper we focus on the inter-operability of two such models - Attribute Based Access Control Model (ABAC) and Role Based Access Control Model (RBAC).
Downloads
Downloads
Published
How to Cite
Issue
Section
License
You are free to:
- Share — copy and redistribute the material in any medium or format for any purpose, even commercially.
- Adapt — remix, transform, and build upon the material for any purpose, even commercially.
- The licensor cannot revoke these freedoms as long as you follow the license terms.
Under the following terms:
- Attribution — You must give appropriate credit , provide a link to the license, and indicate if changes were made . You may do so in any reasonable manner, but not in any way that suggests the licensor endorses you or your use.
- No additional restrictions — You may not apply legal terms or technological measures that legally restrict others from doing anything the license permits.
Notices:
You do not have to comply with the license for elements of the material in the public domain or where your use is permitted by an applicable exception or limitation .
No warranties are given. The license may not give you all of the permissions necessary for your intended use. For example, other rights such as publicity, privacy, or moral rights may limit how you use the material.