Secure access control in multidomain environments and formal analysis of model specifications

Authors

FATEMEH NAZERIAN
HOMAYUN MOTAMENI
HOSSEIN NEMATZADEH

DOI

10.3906/elk-1802-55

Abstract

Distributed multiple organizations interact with each other. If the domains employ role-based access control, one method for interaction between domains is role-mapping. However, it may violate constraints in the domains such as role hierarchy, separation of duty, and cardinality. Therefore, autonomy of the domains is lost. This paper proposes secure interoperation in multidomain environments. For this purpose, a cross-domain is created by foreign permission assignment. In an effort to maintain the autonomy of every domain, several rules are defined formally. Then, a decentralized scheme is used to provide permission mapping between domains. At the next stage, the proposed cross-domain is specified using Alloy, the first logic language. Subsequently, validity of the rules is analyzed through Alloy analyzer.

Keywords

multidomain, conflict, Alloy, formal language, role-based access control

First Page

2525

Last Page

2540

Recommended Citation

NAZERIAN, FATEMEH; MOTAMENI, HOMAYUN; and NEMATZADEH, HOSSEIN (2018) "Secure access control in multidomain environments and formal analysis of model specifications," Turkish Journal of Electrical Engineering and Computer Sciences: Vol. 26: No. 5, Article 30. https://doi.org/10.3906/elk-1802-55
Available at: https://journals.tubitak.gov.tr/elektrik/vol26/iss5/30