Abstract
Policy-mapping mechanisms can efficiently help to realize the exchange and the sharing of cross-domain information at low cost. However, due to concerns over policy conflicts, if not sufficient incentives, most selfish domains are often disinterested in helping others to implement policy mapping cooperatively. Thus an appropriate incentive mechanism is required. In this paper, we propose an incentive mechanism to encourage selfish domains to take part in policy mapping and resolve policy conflicts. Formulating conflict resolution as a double auction and solving Bayesian Nash equilibrium, we design the optimal asking/bidding price scheme to maximize the benefits of the domains involved. Simulations demonstrate that our approach can efficiently incentivize selfish domains to take part in cooperation.
Supported by the National Key Research and Development Program of China (No.2019YFB2101702), the National Natural Science Foundation of China (No. U1836203) and the Youth Innovation Promotion Association CAS (2019160).
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Notes
- 1.
Temporal attribute-based encryption (TABE) can be used to seal the price. Only when the pre-negotiated time is reached, the domain involved can decrypt the sealed price. TABE is out of the scope of our paper, please refer to [1] for more details.
- 2.
For example, as shown in Fig. 2(d), there are two candidate schemes \(S_1=\{\text {remove the mapping } r_7:B \Longrightarrow r_1:A \text { or } r_3:A \Longrightarrow r_4:B\}\) and \(S_2=\{\text {modify the inheritance relationship between } r_1 \text { and }r_3\}\) of resolving conflicts: if we delete mapping \(r_7\):B \(\Longrightarrow \) \(r_1\):A or \(r_3\):A \(\Longrightarrow \) \(r_4\):B, then no conflict can be found.
References
Calistabebe, P., Akila, D.: Quantitative sørensen-dice indexed damgård-jurik cryptosystem for secured data access control in cloud. In: IOP Conference Series: Materials Science and Engineering. vol. 993, p. 012093. IOP Publishing (2020)
Chen, H.C.: Collaboration IoT-based RBAC with trust evaluation algorithm model for massive IoT integrated application. Mob. Netw. Appl. 24(3), 839–852 (2019). https://doi.org/10.1007/s11036-018-1085-010.1007/s11036-018-1085-0
Cruz, J.P., Kaji, Y., Yanai, N.: Rbac-sc: role-based access control using smart contract. IEEE Access 6, 12240–12251 (2018)
Ding, K., Zhang, J.: Multi-party privacy conflict management in online social networks: a network game perspective. IEEE/ACM Trans. Networking 28(6), 2685–2698 (2020)
Du, J., Jiang, C., Chen, K., Ren, Y., Poor, H.V.: Community-structured evolutionary game for privacy protection in social networks. IEEE Trans. Inf. Forensics Secur. 13(3), 574–589 (2018)
Fang, L., Yin, L., Guo, Y., Wang, Z., Li, F.: Resolving access conflicts: an auction-based incentive approach. In: MILCOM 2018–2018 IEEE Military Communications Conference (MILCOM), pp. 1–6. IEEE (2018)
Hu, H., Ahn, G.J., Zhao, Z., Yang, D.: Game theoretic analysis of multiparty access control in online social networks. In: Proceedings of the 19th ACM Symposium on Access Control Models and Technologies, pp. 93–102 (2014)
Huynh, N., Frappier, M., Pooda, H., Mammar, A., Laleau, R.: Sgac: a multi-layered access control model with conflict resolution strategy. Comput. J. 62(12), 1707–1733 (2019)
Ma, M., Stankovic, J.A., Feng, L.: Cityresolver: a decision support system for conflict resolution in smart cities. In: 2018 ACM/IEEE 9th International Conference on Cyber-Physical Systems (ICCPS), pp. 55–64. IEEE (2018)
Mehregan, P., Fong, P.W.: Policy negotiation for co-owned resources in relationship-based access control. In: Proceedings of the 21st ACM on Symposium on Access Control Models and Technologies, pp. 125–136 (2016)
Omar, I.Y., Laborde, R., Wazan, A.S., Barrère, F., Benzekri, A.: Egovernment service security policy: obligation conflict resolution in xacmlv3. In: Proceedings of the International Conference on Security and Management (SAM), p. 89. The Steering Committee of The World Congress in Computer Science (2016)
Salehi, A., Rudolph, C., Grobler, M.: A dynamic cross-domain access control model for collaborative healthcare application. In: 2019 IFIP/IEEE Symposium on Integrated Network and Service Management (IM), pp. 643–648. IEEE (2019)
Samadian, H., Tuiyot, D., Valera, J.: Dynamic programming approach in conflict resolution algorithm of access control module in medical information systems. In: Arai, K., Kapoor, S., Bhatia, R. (eds.) FICC 2020. AISC, vol. 1129, pp. 672–681. Springer, Cham (2020). https://doi.org/10.1007/978-3-030-39445-5_49
Shafiq, B., Joshi, J.B., Bertino, E., Ghafoor, A.: Secure interoperation in a multidomain environment employing RBAC policies. IEEE Trans. Knowl. Data Eng. 17(11), 1557–1577 (2005)
Tadikamalla, P.R.: A look at the burr and related distributions. International Statistical Review/Revue Internationale de Statistique, pp. 337–344 (1980)
Yahiaoui, M., Zinedine, A., Harti, M.: Deconflicting policies in attribute-based access control systems. In: 2018 IEEE 5th International Congress on Information Science and Technology (CiSt), pp. 130–136. IEEE (2018)
Yang, B., Hu, H.: Secure conflicts avoidance in multidomain environments: a distributed approach. IEEE Trans. Syst. Man Cybern. Syst. (99), 1–12 (2019)
Zeng, Q., Liu, C., Duan, H., Zhou, M.: Resource conflict checking and resolution controller design for cross-organization emergency response processes. IEEE Trans. Syst. Man Cybern. Syst. 50(10), 3685–3700 (2019)
Zhang, Y., Kasahara, S., Shen, Y., Jiang, X., Wan, J.: Smart contract-based access control for the internet of things. IEEE Internet Things J. 6(2), 1594–1605 (2018)
Zhu, H., Sheng, Y., Zhou, X., Zhu, Y.: Group role assignment with cooperation and conflict factors. IEEE Trans. Syst. Man Cybern. Syst. 48(6), 851–863 (2016)
Zhu, T., Li, F., Jin, W., Guo, Y., Fang, L., Cheng, L.: Cross-domain access control policy mapping mechanism for balancing interoperability and autonomy. J. Commun. 41(9), 29–48 (2020)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2021 Springer Nature Switzerland AG
About this paper
Cite this paper
Guo, Y., Sun, X., Yu, M., Li, F., Geng, K., Li, Z. (2021). Resolving Policy Conflicts for Cross-Domain Access Control: A Double Auction Approach. In: Paszynski, M., Kranzlmüller, D., Krzhizhanovskaya, V.V., Dongarra, J.J., Sloot, P.M.A. (eds) Computational Science – ICCS 2021. ICCS 2021. Lecture Notes in Computer Science(), vol 12742. Springer, Cham. https://doi.org/10.1007/978-3-030-77961-0_43
Download citation
DOI: https://doi.org/10.1007/978-3-030-77961-0_43
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-77960-3
Online ISBN: 978-3-030-77961-0
eBook Packages: Computer ScienceComputer Science (R0)