An agent and RBAC model to secure cooperative information systems
Pages 122 - 130
Abstract
The growing need to share information among independent sources is mostly satisfied by the construction of a Cooperative Information System. In our works, access schemas over physical tables or views of DBMS are described using a role-based model integrating constraints. This description allows to deal with problems related to the heterogeneity of access models, while keeping security properties of local schemas in order to comply with the autonomy of the cooperative stakeholders. In this paper, we describe the extensions proposed to the RBAC model to build access bridges among the local schemas. This proposition will be implemented in a Multi-Agents System ACSIS (Agents for the Cooperation of Secured Information Systems), compliant with XACML standard.
References
[1]
Shet A. -- "Changing focus on Interoperability in Information Systems: from system, Syntax, Structure to semantics -- In Interoperability Geographic Information Systems -- Kluwer Academic press -- 2000.
[2]
Boulanger D., Disson E., Dubois G. "Object-Oriented Metadata for Secured Cooperation of legacy Information Systems", International Workshop on Model enginearing IWME'00 Sophia-Antipolis and Cannes, France, 12--16th June, 2000.
[3]
Eßayr W., Kastner F., Pernul G., Preishuber S., Tjoa A. - Access Controls for Federated Database Environments. - Proceedings Joint IFIP TC 6 and TC 11 Working Conf. on Communications and Multimedia Security, Graz, Austria - 1995.
[4]
Lampson B. W. "Protection", Proc 5th Symp. On Information Sciences and Systems, Princeton University, March, 1971.
[5]
Bell D. E., Lapadula L. J. "Secure computer systems: mathematical foundations", ESD-TR-73-278, Vol 1--2, MITRE Corp., Bedford MA, 1973.
[6]
Ferraiolo D., Kuhn R. "Role-Based Access Control", proc. 15th National Computer Security Conference, Baltimore, October, 1992.
[7]
Sandhu R. S., Coyne E. J., Feinstein H. L., Youman C. E. "Role-Based Access Control Models", IEEE Computer, Vol 29, n°2, pages 38--47, February, 1996.
[8]
Disson E., Boulanger D., Dubois G. "A Role-Based Model for Access Control in Database Federations", 3rd International Conference on Information and Communications Security, ICICS'01, Xian, China, 13--16 November 2001, LNCS 2229 Springer Verlag.
[9]
Wooldridge M., Jennings N. R.-- "Intelligent Agents: Theory and Practice" in Knowledge Engineering Review -- 1995.
[10]
Wiederhold G., Genesereth M. "Basis for Mediation"; Proceedings of COOPIS'95, Vienna Austria - 1995.
[11]
Nodine M., Fowler J., Ksiezyk T., Perry B., Taylor M., Unruh A. - "Active Information Gathering in InfoSleuth" - International Journal of Cooperative Information Systems, Vol. 9, No. 1--2. pp. 3--28. -- 2000.
[12]
Huin L., Boulanger D. Disson E., "Agents to secure Cooperative Information Systems". 3rd International Conference on Network & System Security-NSS 2009. Gold Coast, AUSTRALIE 2009.
[13]
Coma-Brebel C., Cuppens-Boulahia N., Cuppens F., Cavalli A. R. - A context ontology based approach for secure interoperability. HP-SUA 2007: HP Software University Association 2007, July 8--11, Garching/Munich, Germany, 2007
[14]
El Kalam A., El Baida R., Balbiani P., Benferhat S., Cuppens F., Deswarte Y., Miège A., Saurel C. et Trouessin G. - Organization Based Access Control. IEEE 4th International Workshop on Policies for Distributed Systems and Networks (Policy 2003), Lake Come, Italy, June 4--6, 2003.
[15]
El Kalam A., Deswarte Y., Baina A., Kaâniche M. - 'Access control for collaborative systems: a Web Services Approach' - International Conference on Web Services ICWS'2007, IEEE Computer Society Press, Salt Lake city (UT, USA), July 2007, pp 1064--1071.
[16]
Jonscher D., Dittrich KR. -- "Argos A Configurable Access Control System for Interoperable Environments" - Database Security, IX: Status and Prospects -- 1995.
[17]
Dawson S., Qian S., Samarati P., "Secure Interoperation of Heterogeneous Systems: A Mediator-Based Approach" -Proceedings of the 14th IFIP TC-11 International Conference on Information Security - 1998.
[18]
Tari Z. -- "Designing Security Agents of the DOK Federated System" -- Database Security XI, IFIP - 1998.
[19]
Liu D., Law K., Wiederhold G. - "CHAOS: An Active Security Mediation System" - Proceedings of International Conference on Advanced Information Systems Engineering, LNCS, vol. 1789--2000.
[20]
Hale J., Galiasso P., Papa M., Shenoi S., "Security policy coordination for heterogeneous information systems" - Proceedings. 15th Annual Computer Security Applications Conference, 1999.
[21]
Martinez-Garcia C., Navarro-Arribas G., Borrell J. Martin-Campillo A., "An access control scheme for multi-agent systems over multi-domain environments" - Proceedings of the 7th International Conference on Practical Applications of Agents and Multi-Agent Systems PAAMS'09, Salamanca (Spain), 25 th - 27 th March, 2009.
[22]
OASIS Project: www.oasis.org
[23]
JADE Plateform: jade.tilab.com
[24]
Wooldridge M., Jennings N. R., Kinny D. -- The Gaia Methodology for Agent Oriented Analysis and Design -- 3rd Conference on Autonomous Agents -- 2000.
Information & Contributors
Information
Published In
Copyright © 2010 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
- NECTEC: National Electronics and Computer Technology Center
- KU: Kasetsart University
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 26 October 2010
Check for updates
Author Tags
Qualifiers
- Research-article
Conference
MEDES '10
Sponsor:
- NECTEC
- KU
MEDES '10: The International Conference on Management of Emergent Digital EcoSystems 2010
October 26, 2010
Bangkok, Thailand
Acceptance Rates
MEDES '10 Paper Acceptance Rate 26 of 93 submissions, 28%;
Overall Acceptance Rate 267 of 682 submissions, 39%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 134Total Downloads
- Downloads (Last 12 months)1
- Downloads (Last 6 weeks)0
Reflects downloads up to 03 Mar 2025
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in