Multi-Granular Licences to Decentralize Security Administration
نویسندگان
چکیده
There has been for several years a growing interest in defining new access control models and administration facilities for these models. Several models have observed that only structuring the model using the concept of roles as in RBAC is not sufficient to administer decentralized enterprises. These models have suggested to consider new concepts such as organization (as in OrBAC) or domain (as in GTRBAC) that make it easier to establish secured entreprise communications. In this paper, we suggest a self and decentralized object-oriented administration model built on the concept of organization. This model is merely based on two mechanisms: confinement and licence. Confinement restricts the authority of a subject to the organization (or sub-organizations) to which this subject has been assigned administration privileges. Licence introduces multi grain and contextual administration facility. It is used to define administration and delegation privileges, to whom they are assigned, in which context they became effective and the scope of each of them.
منابع مشابه
Towards a Scalable Role and Organization Based Access Control Model with Decentralized Security Administration
AbStrAct This chapter addresses the problem that traditional role-base access control (RBAC) models do not scale up well for modeling security policies spanning multiple organizations. After reviewing recently proposed Role and Organization Based Access Control (ROBAC) models, an administrative ROBAC model called AROBAC07 is presented and formalized in this chapter. Two examples are used to mot...
متن کاملEnvironmental Constraints Management in Digital Right Licences
In the past years, Digital Rights Management (DRM) has been used in order to control media’s resources usage, for instance for the consumers. Several proposals have been made in order to define what kind of controls one could apply and how to apply them. It has also been proposed more recently to use DRM mechanisms in the enterprises (EDRM), not to control media’s resources usage but to protect...
متن کاملAn Extended Role-Based Access Control Model for Delegating Obligations
The main aim of access control models is to provide means to simplify the management of the security policy, which is a fastidious and error-prone task. Supporting delegation is considered as an important mean to decentralize the administration and therefore to allow security policy to be more flexible and easier to manipulate. Our main contribution is the proposition of a unified model to the ...
متن کاملUncertainty analysis of hierarchical granular structures for multi-granulation typical hesitant fuzzy approximation space
Hierarchical structures and uncertainty measures are two main aspects in granular computing, approximate reasoning and cognitive process. Typical hesitant fuzzy sets, as a prime extension of fuzzy sets, are more flexible to reflect the hesitance and ambiguity in knowledge representation and decision making. In this paper, we mainly investigate the hierarchical structures and uncertainty measure...
متن کاملAn Optimal Utilization of Cloud Resources using Adaptive Back Propagation Neural Network and Multi-Level Priority Queue Scheduling
With the innovation of cloud computing industry lots of services were provided based on different deployment criteria. Nowadays everyone tries to remain connected and demand maximum utilization of resources with minimum timeand effort. Thus, making it an important challenge in cloud computing for optimum utilization of resources. To overcome this issue, many techniques have been proposed ...
متن کامل