Download now Free registration required
Role based trust management uses Distributed Role Hierarchies (DRH) to provide flexible and scalable authorization in multi-domain environments, but DRH are inherently transitive and may easily lead to unexpected or even illegal authorization. In this paper, the authors propose TS-DRH, a generalized extension of DRH based on a novel trust scope model of distributed roles. TS-DRH introduces the notion of scoped roles with four kinds of structural trust scopes, and uses scoped roles to control the member scopes of senior roles and the permission scopes of junior roles, and thus helps to control the propagation of role memberships and permissions in DRH. This paper also designs rule based semantics and a compliance checking algorithm to compute authorization decisions for TS-DRH.
- Format: PDF
- Size: 183.98 KB