|
Title:
|
FI-ORBAC: A MODEL OF ACCESS CONTROL FOR FEDERATED IDENTITY PLATFORM |
|
Author(s):
|
Farah Layouni , Yann Pollet |
|
ISBN:
|
978-972-8924-79-9 |
|
Editors:
|
Miguel Baptista Nunes, Pedro IsaĆas and Philip Powell |
|
Year:
|
2009 |
|
Edition:
|
Single |
|
Keywords:
|
Federated identity, Control access, Collaboration, Interoperability, ORBAC, FI-OrBAC |
|
Type:
|
Short Paper |
|
First Page:
|
393 |
|
Last Page:
|
397 |
|
Language:
|
English |
|
Cover:
|
|
|
Full Contents:
|
click to dowload 
|
|
Paper Abstract:
|
In the information security field, the issue of access control is a crucial element. This access control is governed by a
security policy that defines precisely the authorized actions for all actors in an information system. This step is necessary
and constitutes a fundamental brick for the protection, confidentiality and integrity of information. This has more
magnitude in the case of Federated Identity Infrastructure (FII). In this article, we focus mainly on information and
communication systems dedicated to the federated identity platform. We propose a new approach to treat the operational
and security problems faced by an FII, particularly those related to access control and collaboration. The objective is to
extend OrBAC with the concepts required to deploy and administer the model in distributed organizations. More
precisely, the following problems have to be addressed: consistency of the access rules to be deployed, distribution of the
access right control, distribution of the access right administration and characterization of the trusted components that
need to be integrated in the global architecture to secure it. |
|
|
|
|
|
|
