ETRI-Knowledge Sharing Plaform

ENGLISH

성과물

논문 검색
구분 SCI
연도 ~ 키워드

상세정보

학술지 Active Access Control (AAC) with Fine-Granularity and Scalability
Cited 6 time in scopus Download 0 time Share share facebook twitter linkedin kakaostory
저자
Joon S. Park, 안개일, Ivy Y. Liu
발행일
201110
출처
Security and Communication Networks, v.4 no.10, pp.1114-1129
ISSN
1939-0114
출판사
Wiley-Blackwell
DOI
https://dx.doi.org/10.1002/sec.236
협약과제
10MS4800, 전역적 협력기반의 통합보안제어 시스템 개발, 김종현
초록
Strong access control mechanisms become most critical when we need security services in large-scale computing environments of sensitive organizations. Furthermore, if users join or leave such computing environment frequently, requiring different access control decisions based on their current job responsibilities and contexts, the need for advanced access control is pressing. Although the currently available access control approaches have a great potential for providing reliable service, there are still critical obstacles to be solved, especially in large-scale, dynamic computing environments. In this paper we introduce an advanced access control mechanism, Active Access Control (AAC), which accounts for the ability to make dynamic access control decisions based not only on pre-defined privileges, but also on the current situation of the user. The framework of the proposed AAC approach provides fine-grained access control, by considering a variety of attributes about the user and the current computing environment, especially, when the users contexts are frequently changed. Although the outputs of the AAC approach can be integrated with any other existing access control mechanisms and improve the overall fine-granularity, as a full demonstration of our approach for fine-granularity as well as scalability, in this particular paper we focus on large-scale computing environments and integrate the AAC results with the role-based approach. Finally, in order to prove the feasibility of our proposed idea we implement the AAC approach with roles and discuss the evaluation results with existing approaches. © 2010 John Wiley & Sons, Ltd.
KSP 제안 키워드
Access control decisions, Based Approach, Computing environment, Current situation, Dynamic access control, Existing Approaches, Fine-grained access control, Role-based, access control mechanism, large-scale computing, need for