Role-Based Integrated Access Control and Data Provenance for SOA Based Net-Centric Systems

In multi-domain service-based systems, services from different domains are composed together to accomplish critical tasks. In these systems, data flow from one domain to another through the composed services. Thus, security and trustworthiness are the major concerns. Many access control models have...

Full description

Saved in:
Bibliographic Details
Published in:IEEE transactions on services computing 2016-11, Vol.9 (6), p.940-953
Main Authors: Wei She, Wei Zhu, I-Ling Yen, Bastani, Farokh, Thuraisingham, Bhavani
Format: Article
Language:English
Subjects:
Access control
Computational modeling
Computer architecture
Cybersecurity
Data consistency
Data models
data provenance
data quality
data reliability
data trustworthiness
information flow control
Quality assessment
Reliability
role mapping
role-based access control
Web services
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:In multi-domain service-based systems, services from different domains are composed together to accomplish critical tasks. In these systems, data flow from one domain to another through the composed services. Thus, security and trustworthiness are the major concerns. Many access control models have been developed for service-based systems. Also, many data provenance schemes have been proposed in recent years to support data quality assessment and enhancement, data reproduction, etc. However, none of the existing mechanisms consider both access control and data provenance in an integrated model. In this paper, we propose an integrated role-based access control and data provenance model to secure the cross-domain interactions. We develop a role-based data provenance scheme which tracks the roles of originators/contributors of a data object and uses this information to help evaluate data trustworthiness. We also make use of the data provenance information and the derived data quality attributes to assist with cross domain access and information flow control. This integrated model mutually enhances data provenance and access control, providing better security and trustworthiness for many multi-domain service-based applications.
ISSN:1939-1374
1939-1374
2372-0204
DOI:10.1109/TSC.2015.2432795