The RBAC model and implementation architecture in multi-domain environment

Electronic Commerce Research

Abstract

In today's IT convergence environment, the Service Oriented Architecture has unique significance. The RBAC model has a variety of advantages in protecting the security of services. When a network grows to a certain scale, it must be divided into multiple domains for convenient management. However, studies of how the RBAC model can be applied in a multi-domain environment are still lacking, and feasible implementation architectures for individual and composite services are also weak. In this paper, we propose a domain model and a domain-based RBAC model that better adapt to multi-domain security requirements. Based on this model, we design feasible and efficient access control architectures for individual services and for different types of composite services. The evaluation cases show that the proposed model and implementation architectures achieve the desired effects and that their performance is promising.

Acknowledgements

Our sincere thanks for financial support from The China 863 Research and Development Project Foundation award 2008AA01A323. We thank the experts and other anonymous reviewers for their helpful comments.

Author information

Corresponding author

Correspondence to Zan Yang.

About this article

Cite this article

Yang, Z., Wang, Jx., Yang, L. et al. The RBAC model and implementation architecture in multi-domain environment. Electron Commer Res 13, 273–289 (2013). https://doi.org/10.1007/s10660-013-9123-2

  • DOI: https://doi.org/10.1007/s10660-013-9123-2
