A dynamic access control model for inter-operation in multi-domain environment based on risk

The rapid development of Internet and related technologies has created tremendous possibilities for the interoperability between applications in open and heterogeneous distributed environment. Interoperability provides a means for distributed applications to share resources and services, which improves performance and resource utilization. Access control is a crucial security technology. It can control the legal users to sensitive resources effectively and ensure users to access relative resource. For the complexity of the multi-domain environment and the ceaseless evolvement of the information secure share, the traditional access control method can not ensure the absolute security for the exchange of data resource. Traditional access control model can not satisfy the requirement of the dynamic of the multi-domain environment. Through introducing the concept of risk, the authors propose a dynamic access control model for multi-domain environment based on the risk of inter-operations. The risk grade of an access policy can be calculated by the history of the inter-operations among domains; the security degree of the objects and the safety factor of the access events. Through adjusting the access policies which have high risk grade, the risk in the system can be controlled in real time. The analysis of the security theory shows that this method can reinforce the facility of the access control and the security of the multi-domain environment.