Comments on an access control model in semantic grid☆
Introduction
In Bu and Xu’s paper [1], an access control model of semantic grid based on a former model [2] is presented, the model addresses to the convergence and consistence problems as well as confidentiality problems in semantic grid. However, we show that there are some significant design weaknesses in the model. The rest of this paper is organized as follows. In Section 2, we give a concise description of the access control model. In Section 3, we give our comments on this model. In Section 4, a brief conclusion is provided.
Section snippets
The basic idea of the model
To facilitate the discussion, in this section, we informally recapitulate the basic idea of the model, but nonessential details are omitted.
The model in [1] is an extension of the former model in [2], its main contribution is to provide a kind of semantic security. In general, an access control model concerns the secure way how subjects Saccess objects O. However, in the context of semantic grid, an object O may be a composition of n information objects . The
Global subjects access global objects
If we only consider the global subjects and global objects, then the model is trivial. This is a reasonable assumption because every local subject or object can be mapped to a global subject or object in model (Definitions 1–5 in [1]). Simply, we can define the following definition.
Definition 1 Semantic security The access of subject S to object is semantic secure if and only if for all (), the access of subject S to is Bell–LaPadula secure, which means the access satisfies ss-property, *-property and
Conclusion
In this paper, we demonstrate some significant design weaknesses of an access control model for semantic grid. Our major argument is there are unreasonable and inefficient constructions in the model.
Libin Wang, born in 1972, is associate professor. He received his Ph.D. degree from Shanghai Jiaotong University. His main research interests include network security and security models.
References (3)
- et al.
Access control in semantic grid
Future Gener. Comput. Syst.
(2004)
Cited by (0)
Libin Wang, born in 1972, is associate professor. He received his Ph.D. degree from Shanghai Jiaotong University. His main research interests include network security and security models.
Kefei Chen, born in 1959, is professor and Ph.D. supervisor. He received his Ph.D. degree from the Justus-Liebig University in 1994. His main research interests include cryptography, network security, digital watermarking and information security in E-commerce.
- ☆
Work partially supported by the National Natural Science Foundation of China (Grant No. 90104005) and National Post-Doctor Science Foundation of China.