Introducing Role-based Access Control to a Secure Virtual Machine Monitor: Security Policy Enforcement Mechanism for Distributed Computers

被引：4

作者：

Hirano, Manabu ^{[1
]}

Shinagawa, Takahiro ^{[2
]}

Eiraku, Hideki ^{[2
]}

Hasegawa, Shoichi ^{[2
]}

Omote, Kazumasa ^{[2
]}

Tanimoto, Koichi ^{[2
]}

Horie, Takashi ^{[2
]}

Kato, Kazuhiko ^{[2
]}

Okuda, Takeshi ^{[3
]}

Kawai, Eiji ^{[3
]}

Yamaguchi, Suguru ^{[3
]}

机构：

[1] Toyota Natl Coll Technol, Dept Informat & Comp Engn, 2-1 Sakae, Aichi, Japan

[2] Univ Tsukuba, Grad Sch ISE, Dept Comp Sci, Ibaraki, Japan

[3] Nara Inst Sci & Technol, Grad Sch Informat Sci, Nara, Japan

来源：

2008 IEEE ASIA-PACIFIC SERVICES COMPUTING CONFERENCE, VOLS 1-3, PROCEEDINGS | 2008年

关键词：

D O I：

10.1109/APSCC.2008.14

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

In recent years, as the data processed by governmental or commercial organizations increases, cases involving information leak have risen. It is difficult to control information on many distributed end-point computers using conventional security mechanisms. Therefore, we have been proposed a novel secure VMM (Virtual Machine Monitor) architecture which is used as a foundation of security policy enforcement on distributed computers. This paper especially introduces Role-based Access Control (RBAC) to the ID management framework in a secure VMM system. Our proposal will reduce costs for distributed policies updates. Proposed RBAC mechanism employs attribute certificates (ACs) to handle user's roles. This paper shows design and prototype implementation based on PKI-based ID card and proven open source VMM software, QEMU.

引用

页码：1225 / +

页数：2

共 50 条

[1] Hardware-Enhanced Distributed Access Enforcement for Role-Based Access Control
Bloom, Gedare
Simha, Rahul
PROCEEDINGS OF THE 19TH ACM SYMPOSIUM ON ACCESS CONTROL MODELS AND TECHNOLOGIES (SACMAT'14), 2014, : 5 - 15
[2] Efficient Access Enforcement in Distributed Role-Based Access Control (RBAC) Deployments
Tripunitara, Mahesh V.
Carbunar, Bogdan
SACMAT'09: PROCEEDINGS OF THE 14TH ACM SYMPOSIUM ON ACCESS CONTROL MODELS AND TECHNOLOGIES, 2009, : 155 - 164
[3] Cryptographic Enforcement of Role-Based Access Control
Crampton, Jason
FORMAL ASPECTS OF SECURITY AND TRUST, 2011, 6561 : 191 - 205
[4] Static Enforcement of Role-Based Access Control
Ali, Asad
Fernandez, Maribel
ELECTRONIC PROCEEDINGS IN THEORETICAL COMPUTER SCIENCE, 2014, (163): : 36 - 50
[5] The application of security policy to role-based access control and the common data security architecture
Lin, A
Brown, R
COMPUTER COMMUNICATIONS, 2000, 23 (17) : 1584 - 1593
[6] Security analysis in role-based access control
Purdue University, West Lafayette, IN, United States
不详
不详
不详
ACM Trans. Inf. Syst. Secur., 2006, 4 (391-420):
[7] Role-based access control for a distributed calculus
Braghin, Chiara
Gorla, Daniele
Sassone, Vladimiro
JOURNAL OF COMPUTER SECURITY, 2006, 14 (02) : 113 - 155
[8] A distributed calculus for role-based access control
Braghin, C
Gorla, D
Sassone, V
17TH IEEE COMPUTER SECURITY FOUNDATIONS WORKSHOP, PROCEEDINGS, 2004, : 48 - 60
[9] Application of an Improved Role-Based Access Control Model in OBS Security Mechanism
Jiang, Xueying
Zhang, Chengjun
Liu, Kean
Li, Shiyao
2011 INTERNATIONAL CONFERENCE ON COMPUTERS, COMMUNICATIONS, CONTROL AND AUTOMATION (CCCA 2011), VOL II, 2010, : 555 - 558
[10] A role-based multilevel security access control model
Pan, L
Zhang, CN
Yang, CG
JOURNAL OF COMPUTER INFORMATION SYSTEMS, 2006, 46 (03) : 1 - 10

← 1 2 3 4 5 →