Department of Computer Science
Trust based access control in infrastructure-centric environment
The rapid development of applications running on global information infrastructure poses the problem of securing information sharing among domain collaborations. Existing access control models are defective in dynamic authorization based on user's trustworthiness and do not take full advantages of the infrastructure in implementing access control system. In this work, we propose a trust and role based access control model and the corresponding framework in infrastructure-centric environment. With the extension to RBAC model, trust level requirements, which dictate that the roles in the privilege context must be activated by the trustworthy user, can be specified. The comprehensive trust model, which calculates the user's trust level in multiple trust contexts based on behavior histories, is proposed. Moreover, by taking advantages of the infrastructure services, our scheme is flexible and scalable in that system administrators are free to choose custom scoring functions while the infrastructure trust evaluation services are relieved of the heavy burdens of history record maintenance and trust level update. © 2011 IEEE.
access control, infrastructure-centric, trust model
Source Publication Title
2011 IEEE International Conference on Communications (ICC)
Yang, Ran, Chuang Lin, Yixin Jiang, and Xiaowen Chu. "Trust based access control in infrastructure-centric environment." 2011 IEEE International Conference on Communications (ICC) (2011): 1-5.