Koshutanski, Hristo and Massacci, Fabio (2004) Interactive Access Control in Autonomic Communication. UNSPECIFIED. (In Press)

Preview

PDF Download (947Kb) | Preview

Abstract

Autonomic Communication is a new paradigm for dynamic network integration. An Autonomic Network crosses organizational and management boundaries and is provided by entities that see each other just as business partners. Policy-based network access and management already requires a paradigm shift in the access control mechanism: from identity-based access control to trust management and negotiation, but this is not enough for cross organizational autonomic communication. For many services no autonomic communication partner may guess a priori what will be sent by clients and clients may not know a priori what credentials are demanded for completing a service requiring the orchestration of many different autonomic nodes. To solve this problem we propose to use interactive access control for autonomic communication: servers should be able to get back to clients asking for missing credentials, whereas the latter may decide to supply or decline requested credentials and so on until a final decision is made. This proposal is grounded in a formal model on policy-based access control using abduction. We identify the key algorithm for interactive access and show its correctness. The Web Services-based implementation that we have developed is also sketched.

Actions (login required)