The primary characteristic of an Ultra-Large-Scale (ULS) system is ultra-large size on any related dimension. A ULS system is generally considered as a system-of-systems with heterogeneous nodes and autonomous domains. As the size of a system-of-systems grows, and interoperability demand between sub-systems is increased, achieving more scalable and dynamic access control system becomes an im...

This article presents a survey of authorization models and considers their 'fitness-for-purpose' in facilitating information sharing. Network-supported information sharing is an important technical capability that underpins collaboration in support of dynamic and unpredictable activities such as emergency response, national security, infrastructure protection, supply chain integration and emerg...

This paper proposes an Authorization-Pull support for Community Authorization Services (CAS), an authorization-push model for the Grid authorization by the Globus Alliance, to evaluate it in the role of a pull model. The proposed system tries to evaluate the advantages and use of an authorization-pull model in the grid scenario making use of CAS and compares the same with the push-model origina...

Firstly considering the problems in e-government authorization model, we analyze the features of government business process. Then an innerorganization authorization model based on organization is proposed. Then based on the proposed model, an authorization model for inter-organizational business process collaboration is designed. This model can resolve the problem of separating organization an...

In this paper, we discuss the design issues for an authorization framework for Web Services. In particular, we describe the features required for an authorization policy language for Web Services. We briefly introduce the authorization service provided by Microsoft .NET MyServices and describe our extended authorization model that proposes extensions to the .NET MyServices authorization service...

Security requirements in distributed software systems are inherently dynamic. In the case of authorization policies, resources are meant to be accessed only by authorized parties, but the authorization to access a resource may be dynamically granted/yielded. We describe ongoing work on a model for specifying communication and dynamic authorization handling. We build upon the π-calculus so as to...

Authorization is a crucial process in current information systems. Nowadays, many of the current authorization systems do not provide methods to describe the semantics of the underlying information model which they are protecting. This fact can lead to mismatch problems between the semantics of the authorization model and the semantics of the underlying data and resources being protected. In or...

Though traditional authorization models can ensure the security of equipment, they don’t offer promise both for good quality of service and for strong system robustness. Therefore, this paper presents a semi-distributed authorization model which splits the single decision point into two roles: core-authorization decision point and sub-authorization decision point. In this model, several deci‐ s...