Author:
Wenhua Qi
Affiliation:
School of Electronic and Information Engineering, Beihang University, China
Keyword(s):
Peer groups, Access control, Joint management, JXTA technology.
Related
Ontology
Subjects/Areas/Topics:
Access Control
;
Data Engineering
;
Databases and Data Security
;
Enterprise Information Systems
;
Formal Methods
;
Information and Systems Security
;
Information Systems Analysis and Specification
;
Internet Technology
;
Methodologies and Technologies
;
Operational Research
;
Peer-To-Peer Security
;
Security
;
Simulation and Modeling
;
Stochastic Processes
;
Web Information Systems and Technologies
Abstract:
Collaborative peer groups means that multiple self-organizing peers aggregating in a controlled manner to accomplish some collective goals. Peer groups share the properties of peer-to-peer overlay network, including full decentralization, symmetric abilities, and dynamism, which make security problems more complicated. Most prior work focused on authentication, group key management and communication security. However, access control is an important precondition of many security services. Intend for a pure decentralized model without centralized server, our framework employs a distributed delegation authorization mechanism and proposes an authority selection scheme. Multiple authorities could exist in this design, which could avoid single point of failure. Based on the role-based trust management language RT, this paper presents an attribute-based access control framework, and describes a formal joint authorization protocol under voting scheme, to satisfy security requirements of mult
iple peers. We also introduce our implementation experience by applying JXTA technology.
(More)