Secure interoperation in multidomain environments employing UCON policies

Jianfeng Lu*, Ruixuan Li, Vijay Varadharajan, Zhengding Lu, Xiaopu Ma

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingChapterpeer-review

3 Citations (Scopus)


Ensuring secure interoperation in multidomain environments based on role based access control (RBAC) has drawn considerable research works in the past. However, RBAC primarily consider static authorization decisions based on subjects' permissions on target objects, and there is no further enforcement during the access. Recently proposed usage control (UCON) can address these requirements of access policy representation for temporal and time-consuming problems. In this paper, we propose a framework to facilitate the establishment of secure interoperability in multidomain environments employing Usage Control (UCON) policies. In particular, we propose an attribute mapping technique to establish secure context in multidomain environments. A key challenge in the establishment of secure interoperability is to guarantee security of individual domains in presence of interoperation. We study how conflicts arise and show that it is efficient to resolve the security violations of cyclic inheritance and separation of duty.

Original languageEnglish
Title of host publicationInformation Security
Subtitle of host publication12th International Conference, ISC 2009, Pisa, Italy, September 7-9, 2009. Proceedings
EditorsPierangela Samarati, Claudio A. Ardagna, Moti Yung, Fabio Martinelli
Place of PublicationBerlin
PublisherSpringer, Springer Nature
Number of pages8
ISBN (Electronic)9783642044748
ISBN (Print)9783642044731
Publication statusPublished - 2009
Event12th Information Security Conference, ISC 2009 - Pisa, Italy
Duration: 7 Sep 20099 Sep 2009

Publication series

NameLecture Notes in Computer Science
PublisherSpringer Berlin Heidelberg
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349


Other12th Information Security Conference, ISC 2009

Fingerprint Dive into the research topics of 'Secure interoperation in multidomain environments employing UCON policies'. Together they form a unique fingerprint.

Cite this