Pair-Wise Privilege Control for Cross-Domain Private Data Sharing

Enterprise-scale organizations have large numbers of internal and external users, with different privilege requirements spanning across many resources. The dynamic nature of modern organizations demands that they efficiently and securely provision and deactivate data privileges to reflect rapidly changing user responsibilities. Previous approaches to consolidated user provisioning have focused on constructing and maintaining a formal model of user privileges, in order to predict what role/roles should be assigned to any given user, based on user classification and other user attributes. In realworld deployments, formal models have not scaled well, because many users are unique and consequently there is no leverage to be gained by grouping them into roles. This paper proposes a scheme for dual control of user granular privilege and dynamic granular data access. The framework includes a correlated privilege control model and a label-based dynamic access level process. The method supports user activity control over cross-domain objects with variable data access granularity. It encompasses the advantages of existing role based and label based control, while reducing computation complexity and storage requirements. The proposed method has been formally verified and implemented in JAVA.