Abstract:
A secure communication environment for collaboration among multiple autonomous domains is the basis of large-scale distributed applications, and group communication, with its high efficiency and flexibility, is the basic communication mode. However, these collaborative applications lack central control, and their users and resources belong to different autonomous domains. Users in collaborative environments expect to join and leave groups and to access domain resources dynamically, which raises a large number of new security challenges and access control problems. In view of the heterogeneous and dynamic character of collaboration among multiple autonomous domains, role-based access control is complemented with distributed trust management, and a role-based distributed trust management framework is proposed, which resolves dynamic joint authorization and attribute-based delegation authorization. An infrastructure is also presented, which includes security policy negotiation, credential issuance, proof-of-compliance for the credentials and access control policy, and reasoning about users' access rights. The result is a more flexible, reliable, and secure access control model for the collaborative environment of multi-domain group communication.