By Topic

A logical framework for reasoning about policies with trust negotiations and workflows in a distributed environment

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Balbiani, P. ; Inst. de Rech. en Inf. de Toulouse, Univ. de Toulouse, Toulouse, France ; Chevalier, Y. ; El Houri, M.

We propose in this paper a framework in which the security policies of services in a distributed environment can be expressed. Services interact by exchanging credentials. Each service is made up of an access control policy protecting the access to the service, and of a trust negotiation policy controlling the accessibility of the credentials for other services. We add a workflow layer for each service to model its dynamic evolution with respect to the performed accesses. Unlike most of the access control policies which are uniquely based on roles, we choose an attribute based framework leading to more flexibility in the characterization of users. The strengths of this framework are its ability to control and check the access control aspect of the services and its dynamic evolution based on an exchange of credentials. We provide a unified framework for reasoning on access control policies, trust negotiation policies and workflows.

Published in:

Risks and Security of Internet and Systems (CRiSIS), 2009 Fourth International Conference on

Date of Conference:

19-22 Oct. 2009