Abstract
OASIS is a role-based access control architecture for achieving secure interoperation of independently managed services in an open, distributed environment. OASIS differs from other RBAC schemes in a number of ways: role management is decentralised, roles are parametrised, and privileges are not delegated. OASIS depends on an active middleware platform to notify services of any relevant changes in their environment
Services define roles and establish formally specified policy for role activation and service use; users must present the required credentials and satisfy specified constraints in order to activate a role or invoke a service. The membership rule of a role indicates which of the role activation conditions must remain true while the role is active. A role is deactivated immediately if any of the conditions of the membership rule associated with its activation become false
Instead of privilege delegation OASIS introduces the notion of appointment, whereby being active in certain roles carries the privilege of issuing appointment certificates to other users. Appointment certificates capture the notion of long lived credentials such as academic and professional qualification or membership of an organisation. The role activation conditions of a service may include appointment certificates, prerequisite roles and environmental constraints
We define the model and architecture and discuss engineering details, including security issues. We illustrate how an OASIS session can span multiple domains, and discuss how it can be used in a global environment where roving principals, in possession of appointment certificates, encounter and wish to use services. We propose a minimal infrastructure to enable widely distributed, independently developed services to enter into agreements to respect each other’s credentials
We speculate on a further extension to mutually unknown, and therefore untrusted, parties. Each party will accumulate audit certificates which embody its interaction history and which may form the basis of a web of trust
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
J. Bacon, M. Lloyd, and K. Moody. Translating role-based access control policy within context. In Proceedings of Policy 2001, Policies for Distributed Systems and Networks, volume 1995 of Lecture Notes in Computer Science, pages 107–119. Springer-Verlag, 2001
J. Bacon, K. Moody, J. Bates, R. Hayton, C. Ma, A. McNeil, O. Seidel, and M. Spiteri. Generic support for distributed applications. IEEE Computer, pages 68–76, March 2000.
E. Barka and R. Sandhu. A role-based delegation model and some extensions. In 23rd National Information Systems Security Conference, Baltimore, MD, October 2000.
E. Barka and R. Sandhu. Framework for role-based delegation models. In 16th Annual Computer Security Applications Conference, New Orleans, Louisiana, December 2000.
M. J. Covington, M. J. Moyer, and M. Ahamad. Generalized role-based access control for securing future applications. In 23rd National Information Systems Security Conference, Baltimore, MD, October 2000.
D. F. Ferraiolo, J. F. Barkley, and D. R. Kuhn. A role-based access control model and reference implementation within a corporate intranet. ACM Transactions on Information and System Security, 2(1):34–64, Feb 1999.
L. Giuri and P. Iglio. Role templates for content-based access control. In Second ACM Workshop on Role-Based Access Control, pages 153–159, Fairfax, Virginia, November 1997.
C. Goh and A. Baldwin. Towards a more complete model of role. In Third ACM Workshop on Role-Based Access Control, pages 55–61, Fairfax, Virginia, October 1998.
R. Hayton, J. Bacon, and K. Moody. OASIS: Access Control in an Open, Distributed Environment. In Proceedings of IEEE Symposium on Security and Privacy, pages 3–14, Oakland, CA, May 1998. IEEE.
J. Hine, W. Yao, J. Bacon, and K. Moody. An architecture for distributed OASIS services. In Middleware 2000, volume 1795 of Lecture Notes in Computer Science, pages 104–120, 2000.
J. D. Moffett and E. C. Lupu. The uses of role hierarchies in access control. In Fourth ACM Workshop on Role-Based Access Control, pages 153–160, Fairfax, Virginia, October 1999.
M. Nyanchama and S. Osborn. Access rights administration in role-based security systems. In J. Biskup, M. Morgernstern, and C. Landwehr, editors, Database Security VIII: Status and Prospects, 1995.
M. Nyanchama and S. Osborn. The role graph model and conflict of interest. ACM Transactions on Information and System Security, 2(1):3–33, Feb 1999.
R. Sandhu. Role activation hierarchies. In Third ACM Workshop on Role-Based Access Control, pages 33–40, Fairfax, Virginia, October 1998.
R. S. Sandhu, E. J. Coyne, H. L. Feinstein, and C. E. Youman. Role-Based Access Control Models. Computer, 29(2):38–47, Feb. 1996.
R. T. Simon and M. E. Zurko. Separation of duty in role-based environments. In 10th IEEE Computer Security Foundations Workshop, pages 183–194, Rockport, Massachusetts, June 1997.
W. Yao, K. Moody, J. Bacon. A Model of OASIS Role-Based Access Control and its Support for Active Security. In Proceedings, Sixth ACM Symposium on Access Control Models and Technologies (SACMAT), pages 171–181, Chantilly, VA, May 2001
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 IFIP International Federation for Information Processing
About this paper
Cite this paper
Bacon, J., Moody, K., Yao, W. (2001). Access Control and Trust in the Use of Widely Distributed Services. In: Guerraoui, R. (eds) Middleware 2001. Middleware 2001. Lecture Notes in Computer Science, vol 2218. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45518-3_16
Download citation
DOI: https://doi.org/10.1007/3-540-45518-3_16
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42800-8
Online ISBN: 978-3-540-45518-9
eBook Packages: Springer Book Archive