Abstract
Multi-agent systems and mobile agents are enabling the deployment of applications in multi-domain environments. In these scenarios, different domains interact toward the same goal through resource sharing. As a result, there is the need to control the actions that an agent can perform in a foreign domain, with the only information of where it comes from and which roles does it hold in its own domain. However, this information will not be directly understandable as domains may not share the same role definitions.
MedIGS is a multi-agent middleware for the medical data sharing between hospitals which take part of a multi-domain environment. In this paper, a distributed access control for MedIGS is presented. Based on attribute conversion, this authorization scheme proposes a solution with a minimum impact in the local access control systems of the hospitals.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Alo, R., Berrached, A., De Korvin, A., Beheshti, M.: Using fuzzy relation equations for adaptive access control in distributed systems. In: Advances In Infrastructure For e-Bussiness And Education On The Internet, pp. 176–184 (2000)
Alqatawna, J., Rissanen, E., Sadighi, B.: Overriding of access control in xacml. In: POLICY 2007: Proceedings of the Eighth IEEE International Workshop on Policies for Distributed Systems and Networks, pp. 87–95. IEEE Computer Society, Los Alamitos (2007)
Ametller, J., Robles, S., Ortega-Ruiz, J.A.: An implementation of self-protected mobile agents. In: Eleventh IEEE International Conference and Workshop on the Engineering of Computer-Based Systems, Brno, Czech Republic, pp. 544–549. IEEE Computer Society Press, Los Alamitos (2004)
Ferraiolo, D., Kuhn, R.: Role-based access controls. In: 15th NIST-NCSC National Computer Security Conference, pp. 554–563 (1992)
Foley, S.N.: Supporting imprecise delegation in keynote using similarity measures. In: Sixth Nordic Workshop on Secure IT Systems (2001)
Gong, L., Qian, X.: Computational issues in secure interoperation. Software Engineering 22(1), 43–52 (1996)
Hosmer, H.H.: Security is fuzzy!: applying the fuzzy logic paradigm to the multipolicy paradigm. In: NSPW 1992-1993: Proceedings on the 1992-1993 workshop on New security paradigms, pp. 175–184. ACM, New York (1993)
López, G., Cánovas-Reverte, O., Gómez-Skarmeta, A.F.: Use of xacml policies for a network access control service. In: 4th International Workshop for Appiled PKI, IWAP 2005 (September 2005)
López, G., Cánovas, Ó., Gómez-Skarmeta, A.F., Otenko, S., Chadwick, D.W.: A heterogeneous network access service based on PERMIS and SAML. In: Chadwick, D., Zhao, G. (eds.) EuroPKI 2005. LNCS, vol. 3545, pp. 55–72. Springer, Heidelberg (2005)
Navarro-Arribas, G., Foley, S.: Approximating SAML using similarity based imprecision. Intelligence in Communication Systems (January 2005)
Odlyzko, A.: Economics, psychology, and sociology of security. In: Wright, R.N. (ed.) FC 2003. LNCS, vol. 2742, pp. 182–189. Springer, Heidelberg (2003)
Ovchinnikov, S.: Fuzzy sets and secure computer systems. In: NSPW 1994: Proceedings of the 1994 workshop on New security paradigms, pp. 54–62. IEEE Computer Soceity Press, Los Alamitos (1994)
Pearlman, L., Welch, V., Foster, I., Kesselman, C., Tuecke, S.: A community authorization service for group collaboration. In: POLICY 2002: Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY 2002), Washington, DC, USA, p. 50. IEEE Computer Soceity, Los Alamitos (2002)
Samarati, P., di Vimercati, S.d.C.: Access control: Policies, models, and mechanisms. In: Focardi, R., Gorrieri, R. (eds.) FOSAD 2000. LNCS, vol. 2171, pp. 137–196. Springer, Heidelberg (2001)
Shafiq, B., Joshi, J.B.D., Bertino, E., Ghafoor, A.: Secure interoperation in a multidomain environment employing rbac policies. IEEE Transactions on Knowledge and Data Engineering 17(11), 1557–1577 (2005)
Sun, Y., Pan, P., Leung, H., Shi, B.: Ontology based hybrid access control for automatic interoperation. In: Automatic and Trusted Computing. LNCS, pp. 323–332. Springer, Heidelberg (2007)
Vieira-Marques, P., Robles, S., Cucurull, J., Cruz-Correia, R., Navarro-Arribas, G., Martí, R.: Secure integration of distributed medical data using mobile agents. IEEE Intelligent Systems 21(6) (November-December 2006)
Zadeh, L.A.: Fuzzy sets. Information and Control 8(3), 338–353 (1965)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Martínez-García, C., Navarro-Arribas, G., Borrell, J., Martín-Campillo, A. (2009). An Access Control Scheme for Multi-agent Systems over Multi-Domain Environments. In: Demazeau, Y., Pavón, J., Corchado, J.M., Bajo, J. (eds) 7th International Conference on Practical Applications of Agents and Multi-Agent Systems (PAAMS 2009). Advances in Intelligent and Soft Computing, vol 55. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-00487-2_43
Download citation
DOI: https://doi.org/10.1007/978-3-642-00487-2_43
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-00486-5
Online ISBN: 978-3-642-00487-2
eBook Packages: EngineeringEngineering (R0)