A formal role-based access control model for security policies in multi-domain mobile networks |
| |
Authors: | D. Unal M.U. Caglayan |
| |
Affiliation: | 1. TUBITAK BILGEM (Center of Research for Advanced Technologies of Informatics and Information Security), TUBITAK Gebze Yerleskesi, P.O Box 74, 41470 Gebze, Kocaeli, Turkey;2. Bogazici University, TAM Research Center, Kandilli, Istanbul, Turkey;1. Centre for Quantifiable Quality of Service in Communication Systems, Norwegian University of Science and Technology, O.S. Bragstads plass 2E, N-7491 Trondheim, Norway;2. Department of Telematics, Norwegian University of Science and Technology, O.S. Bragstads plass 2E, N-7491 Trondheim, Norway;1. Dept. of Math & Computer Science, Virginia State University, Petersburg, VA 23806, USA;2. Dept. of Computer Science, Univ. of Alabama, Tuscaloosa, AL 35487, USA;1. Faculty of Computing, Engineering and Sciences, Staffordshire University, Stoke-on-Trent ST4 2DF, United Kingdom;2. School of Engineering and Built Environment, Glasgow Caledonian University, Glasgow G4 0BA, United Kingdom |
| |
Abstract: | Mobile users present challenges for security in multi-domain mobile networks. The actions of mobile users moving across security domains need to be specified and checked against domain and inter-domain policies. We propose a new formal security policy model for multi-domain mobile networks, called FPM-RBAC, Formal Policy Model for Mobility with Role Based Access Control. FPM-RBAC supports the specification of mobility and location constraints, role hierarchy mapping, inter-domain services, inter-domain access rights and separation of duty. Associated with FPM-RBAC, we also present a formal security policy constraint specification language for domain and inter-domain security policies. Formal policy constraint specifications are based on ambient logic and predicate logic. We also use ambient calculus to specify the current state of a mobile network and actions within security policies for evaluation of access requests according to security policies. A novel aspect of the proposed policy model is the support for formal and automated analysis of security policies related to mobility within multiple security domains. |
| |
Keywords: | |
本文献已被 ScienceDirect 等数据库收录! |
|