An agent and RBAC model to secure cooperative information systems
Pages 122 - 130
Abstract
The growing need to share information among independent sources is mostly satisfied by the construction of a Cooperative Information System. In our works, access schemas over physical tables or views of DBMS are described using a role-based model integrating constraints. This description allows to deal with problems related to the heterogeneity of access models, while keeping security properties of local schemas in order to comply with the autonomy of the cooperative stakeholders. In this paper, we describe the extensions proposed to the RBAC model to build access bridges among the local schemas. This proposition will be implemented in a Multi-Agents System ACSIS (Agents for the Cooperation of Secured Information Systems), compliant with XACML standard.
References
[1]
Shet A. -- "Changing focus on Interoperability in Information Systems: from system, Syntax, Structure to semantics -- In Interoperability Geographic Information Systems -- Kluwer Academic press -- 2000.
[2]
Boulanger D., Disson E., Dubois G. "Object-Oriented Metadata for Secured Cooperation of legacy Information Systems", International Workshop on Model enginearing IWME'00 Sophia-Antipolis and Cannes, France, 12--16th June, 2000.
[3]
Eßayr W., Kastner F., Pernul G., Preishuber S., Tjoa A. - Access Controls for Federated Database Environments. - Proceedings Joint IFIP TC 6 and TC 11 Working Conf. on Communications and Multimedia Security, Graz, Austria - 1995.
[4]
Lampson B. W. "Protection", Proc 5th Symp. On Information Sciences and Systems, Princeton University, March, 1971.
[5]
Bell D. E., Lapadula L. J. "Secure computer systems: mathematical foundations", ESD-TR-73-278, Vol 1--2, MITRE Corp., Bedford MA, 1973.
[6]
Ferraiolo D., Kuhn R. "Role-Based Access Control", proc. 15th National Computer Security Conference, Baltimore, October, 1992.
[7]
Sandhu R. S., Coyne E. J., Feinstein H. L., Youman C. E. "Role-Based Access Control Models", IEEE Computer, Vol 29, n°2, pages 38--47, February, 1996.
[8]
Disson E., Boulanger D., Dubois G. "A Role-Based Model for Access Control in Database Federations", 3rd International Conference on Information and Communications Security, ICICS'01, Xian, China, 13--16 November 2001, LNCS 2229 Springer Verlag.
[9]
Wooldridge M., Jennings N. R.-- "Intelligent Agents: Theory and Practice" in Knowledge Engineering Review -- 1995.
[10]
Wiederhold G., Genesereth M. "Basis for Mediation"; Proceedings of COOPIS'95, Vienna Austria - 1995.
[11]
Nodine M., Fowler J., Ksiezyk T., Perry B., Taylor M., Unruh A. - "Active Information Gathering in InfoSleuth" - International Journal of Cooperative Information Systems, Vol. 9, No. 1--2. pp. 3--28. -- 2000.
[12]
Huin L., Boulanger D. Disson E., "Agents to secure Cooperative Information Systems". 3rd International Conference on Network & System Security-NSS 2009. Gold Coast, AUSTRALIE 2009.
[13]
Coma-Brebel C., Cuppens-Boulahia N., Cuppens F., Cavalli A. R. - A context ontology based approach for secure interoperability. HP-SUA 2007: HP Software University Association 2007, July 8--11, Garching/Munich, Germany, 2007
[14]
El Kalam A., El Baida R., Balbiani P., Benferhat S., Cuppens F., Deswarte Y., Miège A., Saurel C. et Trouessin G. - Organization Based Access Control. IEEE 4th International Workshop on Policies for Distributed Systems and Networks (Policy 2003), Lake Come, Italy, June 4--6, 2003.
[15]
El Kalam A., Deswarte Y., Baina A., Kaâniche M. - 'Access control for collaborative systems: a Web Services Approach' - International Conference on Web Services ICWS'2007, IEEE Computer Society Press, Salt Lake city (UT, USA), July 2007, pp 1064--1071.
[16]
Jonscher D., Dittrich KR. -- "Argos A Configurable Access Control System for Interoperable Environments" - Database Security, IX: Status and Prospects -- 1995.
[17]
Dawson S., Qian S., Samarati P., "Secure Interoperation of Heterogeneous Systems: A Mediator-Based Approach" -Proceedings of the 14th IFIP TC-11 International Conference on Information Security - 1998.
[18]
Tari Z. -- "Designing Security Agents of the DOK Federated System" -- Database Security XI, IFIP - 1998.
[19]
Liu D., Law K., Wiederhold G. - "CHAOS: An Active Security Mediation System" - Proceedings of International Conference on Advanced Information Systems Engineering, LNCS, vol. 1789--2000.
[20]
Hale J., Galiasso P., Papa M., Shenoi S., "Security policy coordination for heterogeneous information systems" - Proceedings. 15th Annual Computer Security Applications Conference, 1999.
[21]
Martinez-Garcia C., Navarro-Arribas G., Borrell J. Martin-Campillo A., "An access control scheme for multi-agent systems over multi-domain environments" - Proceedings of the 7th International Conference on Practical Applications of Agents and Multi-Agent Systems PAAMS'09, Salamanca (Spain), 25 th - 27 th March, 2009.
[22]
OASIS Project: www.oasis.org
[23]
JADE Plateform: jade.tilab.com
[24]
Wooldridge M., Jennings N. R., Kinny D. -- The Gaia Methodology for Agent Oriented Analysis and Design -- 3rd Conference on Autonomous Agents -- 2000.
Index Terms
- An agent and RBAC model to secure cooperative information systems
Recommendations
A MAS for access control management in cooperative information systems
MEDES '13: Proceedings of the Fifth International Conference on Management of Emergent Digital EcoSystemsThis proposition deals with interoperation of data and security policies in cooperative information systems. We use the agent paradigm for the treatment of distributed programs and perform complex tasks through cooperation and interactions. A ...
DW-RBAC: A formal security model of delegation and revocation in workflow systems
One reason workflow systems have been criticized as being inflexible is that they lack support for delegation. This paper shows how delegation can be introduced in a workflow system by extending the role-based access control (RBAC) model. The current ...
Modeling location attributes using XACML-RBAC model
MoMM '09: Proceedings of the 7th International Conference on Advances in Mobile Computing and MultimediaLocation-based access control (LBAC) takes the requester's location into account when deciding weather the requester should be granted access to the requested resource or not. Many models have been suggested to extend the Role-based access control (RBAC)...
Comments
Please enable JavaScript to view thecomments powered by Disqus.Information & Contributors
Information
Published In
Copyright © 2010 ACM.
Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]
Sponsors
- NECTEC: National Electronics and Computer Technology Center
- KU: Kasetsart University
In-Cooperation
Publisher
Association for Computing Machinery
New York, NY, United States
Publication History
Published: 26 October 2010
Check for updates
Author Tags
Qualifiers
- Research-article
Conference
MEDES '10
Sponsor:
- NECTEC
- KU
MEDES '10: The International Conference on Management of Emergent Digital EcoSystems 2010
October 26, 2010
Bangkok, Thailand
Acceptance Rates
MEDES '10 Paper Acceptance Rate 26 of 93 submissions, 28%;
Overall Acceptance Rate 267 of 682 submissions, 39%
Contributors
Other Metrics
Bibliometrics & Citations
Bibliometrics
Article Metrics
- 0Total Citations
- 134Total Downloads
- Downloads (Last 12 months)1
- Downloads (Last 6 weeks)0
Reflects downloads up to 31 Dec 2024
Other Metrics
Citations
View Options
Login options
Check if you have access through your login credentials or your institution to get full access on this article.
Sign in