A Logical Framework for Reasoning about Policies with Trust Negotiations and Workflows in a Distributed Environment

Philippe Balbiani 1 Yannick Chevalier 1, 2 Marwa El-Houri 1
2 CASSIS - Combination of approaches to the security of infinite states systems
FEMTO-ST - Franche-Comté Électronique Mécanique, Thermique et Optique - Sciences et Technologies, INRIA Lorraine, LORIA - Laboratoire Lorrain de Recherche en Informatique et ses Applications
Abstract: We propose in this paper a framework in which the security policies of services in a distributed environment can be expressed. Services interact by exchanging credentials. Each service is made up of an access control policy protecting access to the service, and of a trust negotiation policy controlling the accessibility of its credentials to other services. We add a workflow layer to each service to model its dynamic evolution with respect to the accesses performed. Unlike most access control policies, which are based solely on roles, we choose an attribute-based framework, which gives more flexibility in the characterization of users. The strengths of this framework are its ability to control and check the access control aspect of the services and its dynamic evolution based on an exchange of credentials. We provide a unified framework for reasoning about access control policies, trust negotiation policies and workflows.
Document type:
Conference paper
4th International Conference on Risks and Security of Internet and Systems - CRiSIS 2009, Oct 2009, Toulouse, France. IEEE, pp.3-11, 2009, Proceedings of the fourth international conference on Risks and Security of Internet and Systems - CRiSIS 2009. 〈10.1109/CRISIS.2009.5411983〉

https://hal.inria.fr/inria-00432528
Contributor: Michaël Rusinowitch
Submitted on: Monday, November 16, 2009 - 15:46:49
Last modified on: Thursday, February 15, 2018 - 08:48:09

Citation

Philippe Balbiani, Yannick Chevalier, Marwa El-Houri. A Logical Framework for Reasoning about Policies with Trust Negotiations and Workflows in a Distributed Environment. 4th International Conference on Risks and Security of Internet and Systems - CRiSIS 2009, Oct 2009, Toulouse, France. IEEE, pp.3-11, 2009, Proceedings of the fourth international conference on Risks and Security of Internet and Systems - CRiSIS 2009. 〈10.1109/CRISIS.2009.5411983〉. 〈inria-00432528〉

Metrics

Record views

315