Skip to main content
SpringerLink
Log in

Layer-Based Access Control Model in the Manufacturing Infrastructure and Design Automation System

  • Conference paper
Information Security and Cryptology - ICISC 2003 (ICISC 2003)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2971))

Included in the following conference series:

  • 726 Accesses

Abstract

Design and manufacturing of a complex product requires collaboration among companies. The collaborating companies form a virtual enterprise, which is dynamically organized. In this paper, we propose a Layer-based Access Control (LBAC) system in a collaborative design and manufacturing environment. Our system protects not only data but also processes in a hierarchical distributed workflow environment. The goal is to shield the process from illegal access as well as to protect intellectual properties and trade secrets. Our proposed approach protects objects between organizations at different level of granularity, and supports access control (AC) in heterogeneous environments. In LBAC, we introduce a new concept – AC layer, which wraps the AC systems of a virtual organization. The security information exchanges between the AC systems inside and outside the AC layer through a well-defined interface of the AC layer. The AC layer seamlessly glues different AC systems in organizations together according to the inter-organization workflow. Inside an organization the role is used to manage accesses. The encapsulation and dynamic binding features of the layered based approach make LBAC suitable for the collaborative design and manufacturing environment.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Argus-Systems. Pitbull lx secure application environment, white paper (2001)

    Google Scholar 

  2. Atluri, V., Huang, W.: An authorization model for workflows. In: Martella, G., Kurth, H., Montolivo, E., Bertino, E. (eds.) ESORICS 1996. LNCS, vol. 1146, pp. 25–27. Springer, Heidelberg (1996)

    Google Scholar 

  3. Au, R., Looi, M., Ashley, P.: Automated cross-organisational trust establishment on extranets. In: Australian Computer Science Communications, Proceedings of the workshop on Information technology for virtual enterprises, vol. 23 (2001)

    Google Scholar 

  4. Baldwin, R., Chung, M.J.: Design methodology management: A formal approach. Computer 28(2), 54–63 (1995)

    Article  Google Scholar 

  5. Bell, D.E., LaPadula, L.J.: Secure computer systems: Mathematical foundations and model. TR. M., 74–224 (1973)

    Google Scholar 

  6. Bullock, A., Benford, S.: An access control framework for multi-user collaborative environments. In: Proceedings of the international ACM SIGGROUP conference on Supporting group work, Phoenix, Arizona, United States, November 14-17, pp. 140–149 (1999)

    Google Scholar 

  7. Chung, M., Kwon, P., Pentland, B.: Making process visible: A grammartical approach to managing design processes. ASME Transaction. Journal of Mechanical Design 124, 364–374 (2002)

    Article  Google Scholar 

  8. Coulouris, G., Dollimore, J., Roberts, M.: Role and task-based access control in the perdis groupware platform. In: 3rd ACM workshop on Role-based Access, Fairfax, VA, pp. 115–121 (1998)

    Google Scholar 

  9. Dewan, P., Shen, H.H.: Flexible meta access-control for collaborative applications. In: Proceedings of the 1998 ACM conference on Computer supported cooperative work, Seattle, Washington, United States, November 14-18, pp. 247–256 (1998)

    Google Scholar 

  10. Emmerich, W., Gruhn, V.: Funsoft nets: A petri-net based software process modeling language. In: Proc. of the 6th Int. Workshop on Software Specification and Design, Como, Italy, pp. 175–184. IEEE Computer Society Press, Los Alamitos (1991)

    Chapter  Google Scholar 

  11. Erdmann, S., Wortmann, J.: Enterprise modelling with funsoft nets. In: Proceedings of the 1st International Enterprise Distributed Object Computing Workshop (EDOC 1997), Gold Coast, Australia, October 24-26 (1997)

    Google Scholar 

  12. Ferraiolo, D.F., Cugini, J., et al.: Role based access control: Features and motivations. In: Computer Security Applications Conference (1995)

    Google Scholar 

  13. Fielding, R.T., Whitehead, E.J., Anderson, K.M., Bolcer, A.G., Oreizy, P., Taylor, R.N.: Web-based development of complex information products. Communications of the ACM 41(8), 84–92 (1998)

    Article  Google Scholar 

  14. Fox, M.S., Gruninger, M.: Enterprise modelling. AI Magazine, 109–121 (Fall 1998)

    Google Scholar 

  15. Hardwick, M., Spooner, D.L., Rando, T., Morris, K.C.: Sharing manufacturing information in virtual enterprises. Communications of the ACM 39(2), 46–54 (1996)

    Article  Google Scholar 

  16. Hoffner, Y., Ludwig, H., Grefen, P., Aberer, K.: Crossflow: Integrating workflow management and electronic commerce

    Google Scholar 

  17. Huang, W., Atluri, V.: Secureflow: A secure web-enabled workflow management system. In: ACM Workshop on Role-based Access Control, pp. 83–94 (1999)

    Google Scholar 

  18. IDEF (1998), http://www.idef.com

  19. Jajodia, S., Samarati, P., Sapino, M.L., Subrahmanian, V.S.: Flexible support for multiple access control policies. ACM Transactions on Database Systems 26(2) (2001)

    Google Scholar 

  20. Kang, M.H., Park, J.S., et al.: Access control mechanisms for interorganizational workflow. In: Sixth ACM Symposium on Access Control Models and Technologies (2001)

    Google Scholar 

  21. Kudo, M., Hada, S.: Xml access control (2000), http://www.trl.ibm.com/projects/xml/xacl/xmlac-proposal.html

  22. Kudo, M., Hada, S.: Xml document security based on provisional authorization. In: 7th ACM Conference on Computer and Communication Security (CCS 2000) (November 2000)

    Google Scholar 

  23. Linington, P., Milosevic, Z., Raymond, K.: Policies in communities: Extending the odp enterprise viewpoint. In: Proc. 2nd IEEE Enterprise Distributed Object Computing Workshop, San-Diego (1998)

    Google Scholar 

  24. Lupu, E., Milosevic, Z., et al.: Use of roles and policies for specifying, and managing a virtual enterprise. In: The 9th IEEE International Workshop on Research Issues on Data Engineering: Information Technology for Virtual Enterprises (RIDE-VE 1999), Sydney, Australia (1999)

    Google Scholar 

  25. Lupu, E., Sloman, M.: A policy based role object model. In: Proc. 1st IEEE Enterprise Distributed Object Computing Workshop, Gold Coast, Australia, pp. 36–47 (1997)

    Google Scholar 

  26. NIIIP. The niiip reference architecture (1996), http://www.niiip.org

  27. Qin, Y.: Manufacturing Infrastructure and Design Automation System (MIDAS) with XML representation. PhD thesis, Computer Science and Engineering, Michigan State University, East Lansing (2002)

    Google Scholar 

  28. Rahwan, I., Kowalczyk, R., et al.: Virtual Enterprise Design - BDI Agents vs. Objects. In: Recent Advances in Artificial Intelligence in e-Commerce. R. a. L. Kowalczyk, M, Springer, Heidelberg (2000)

    Google Scholar 

  29. Rodrigues, M.A., Liu, Y., Bottaci, L., Rigas, D.I.: Learning and diagnosis in manufacturing processes through an executable bayesian network. In: 13th International Conference on Industrial and Engineering Applications of Artificial Intelligence and Expert Systems IEA/AIE-2000, New Orleans, June 19-22, pp. 390–395 (2000)

    Google Scholar 

  30. Roeckle, H., Schimpf, G., Weidinger, R.: Process-oriented approach for rolefinding to implement role-based security administration in a large industrial organization, pp. 103–110. ACM, New York (2000)

    Google Scholar 

  31. Sandhu, R.S., Samarati, P.: Access control: Principles and practice. IEEE Communications Magazine, 40–48 (September 1994)

    Google Scholar 

  32. Stevens, G., Wulf, V.: A new dimension in access control: studying maintenance engineering across organizational boundaries. In: Proceedings of the 2002 ACM conference on Computer supported cooperative work, New Orleans, Louisiana, USA, November 16-20 (2002)

    Google Scholar 

  33. Thomas, R.K., Sandhu, R.S.: Task-based authorization controls (tbac): A family of models for active and enterprise-oriented authorization management. In: The IFIO WG11.3 Workshop on Database Security, Lake Tahoe, California (1997)

    Google Scholar 

  34. Wainer, J., Barthelmess, P., Kumar, A.: W-rbac - a workflow security incorporating controlled overriding of constraints. International Journal of Cooperative Information Systems 12(4), 455–485 (2003)

    Article  Google Scholar 

  35. Zhou, Q., Besant, C.B.: Information management in production planning for a virtual enterprise. Int. J. Prod. Res. 37(1), 207–218 (1999)

    Article  MATH  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Computer Science and Engineering Dept., Michigan State University, USA

    Yuan Zhang & Moon Jung Chung

  2. ETRI Taejeon, Korea

    Hyun Kim

Authors
  1. Yuan Zhang
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Moon Jung Chung
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Hyun Kim
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Center for Information Security Technologies (CIST), Korea University, Seoul, Korea

    Jong-In Lim

  2. CIST (Center for Information Security Technologies), Korea University, Anam Dong, Sungbuk Gu, Seoul, Korea

    Dong-Hoon Lee

Rights and permissions

Reprints and permissions

Copyright information

© 2004 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Zhang, Y., Chung, M.J., Kim, H. (2004). Layer-Based Access Control Model in the Manufacturing Infrastructure and Design Automation System. In: Lim, JI., Lee, DH. (eds) Information Security and Cryptology - ICISC 2003. ICISC 2003. Lecture Notes in Computer Science, vol 2971. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24691-6_16

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-24691-6_16

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-21376-5

  • Online ISBN: 978-3-540-24691-6

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation