Dynamic User Role Assignment in Remote Access Control

The Role-Based Access Control (RBAC) model has been widely applied to a single domain in which users are known to the administrative unit of that domain, beforehand. However, the application of the conventional RBAC model for remote access control scenarios is not straightforward. In such scenarios, the access requestor is outside of the provider domain and thus, the user population is heterogeneous and dynamic. Here, the main challenge is to automatically assign users to appropriate roles of the provider domain. Trust management has been proposed as a supporting technique to solve the problem of remote access control. The key idea is to establish a mutual trust between the requestor and provider based on credentials they exchange. However, a credential doesn't convey any information about the behavior of its holder during the time it is being used. Furthermore, in terms of privileges granted to the requestor, existing trust management systems are either too restrictive or not restrictive enough. In this paper, we propose a new dynamic user-role assignment approach for remote access control, where a stranger requests for access from a provider domain. Our approach has two advantages compared to the existing dynamic user-role assignment techniques. Firstly, it addresses the principle of least privilege without degrading the efficiency of the access control system. Secondly, it takes into account both credentials and the past behavior of the requestor in such a way that he cannot compensate for the lack of necessary credentials by having a good past behavior

Nonmonotonic Trust Management for P2P Applications

Community decisions about access control in virtual communities are non-monotonic in nature. This means that they cannot be expressed in current, monotonic trust management languages such as the family of Role Based Trust Management languages (RT). To solve this problem we propose RT-, which adds a restricted form of negation to the standard RT language, thus admitting a controlled form of non-monotonicity. The semantics of RT- is discussed and presented in terms of the well-founded semantics for Logic Programs. Finally we discuss how chain discovery can be accomplished for RT-.Comment: This paper appears in the proceedings of the 1st International Workshop on Security and Trust Management (STM 2005). To appear in ENTC

Trust Management Model for Cloud Computing Environment

Software as a service or (SaaS) is a new software development and deployment paradigm over the cloud and offers Information Technology services dynamically as "on-demand" basis over the internet. Trust is one of the fundamental security concepts on storing and delivering such services. In general, trust factors are integrated into such existent security frameworks in order to add a security level to entities collaborations through the trust relationship. However, deploying trust factor in the secured cloud environment are more complex engineering task due to the existence of heterogeneous types of service providers and consumers. In this paper, a formal trust management model has been introduced to manage the trust and its properties for SaaS in cloud computing environment. The model is capable to represent the direct trust, recommended trust, reputation etc. formally. For the analysis of the trust properties in the cloud environment, the proposed approach estimates the trust value and uncertainty of each peer by computing decay function, number of positive interactions, reputation factor and satisfaction level for the collected information.Comment: 5 Pages, 2 Figures, Conferenc

Privacy, security, and trust issues in smart environments

Recent advances in networking, handheld computing and sensor technologies have driven forward research towards the realisation of Mark Weiser's dream of calm and ubiquitous computing (variously called pervasive computing, ambient computing, active spaces, the disappearing computer or context-aware computing). In turn, this has led to the emergence of smart environments as one significant facet of research in this domain. A smart environment, or space, is a region of the real world that is extensively equipped with sensors, actuators and computing components [1]. In effect the smart space becomes a part of a larger information system: with all actions within the space potentially affecting the underlying computer applications, which may themselves affect the space through the actuators. Such smart environments have tremendous potential within many application areas to improve the utility of a space. Consider the potential offered by a smart environment that prolongs the time an elderly or infirm person can live an independent life or the potential offered by a smart environment that supports vicarious learning

Public Private Partnership for Equitable Provision of Quality Health Services

This report presents the findings of an independent Technical Review that focused on the promotion of Public Private Partnership (PPP) for equitable provision of quality health services in Tanzania. The report is meant to contribute to the Annual Joint Health Sector Review 2005. The ToR has been broadly defined, signifying the interest that many stakeholders currently take in PPP. The Review Team (RT), with two international and three national consultants, undertook efforts to consult stakeholders for prioritisation of the issues included in the ToR. The RT had access to a large number of official documents such as laws, by-laws, policy documents, guidelines, etc. and a wide range of studies on PPP set in Tanzania complemented by international literature. The RT undertook efforts to interview relevant persons and committees, associations, organisations, ministries, donors, etc. at the national level as well as in four districts, two rural and two urban. Nevertheless, time constraints did force the RT to limit itself and consequently not all actors that constitute the private health sector could be contacted. It is hoped that the Annual Joint Health Sector Review 2005 will allow a representative participation of all actors in the field of PPP to discuss this review and compensate for any issue or actor that was left out unintended