This project will develop a comprehensive framework for security management using access control models for distributed applications in a heterogeneous multidomain environment. Such systems are expected to play a critical role in a broad range of Web-based applications. The proposed framework will be built upon role-based access control (RBAC) models. The use of roles for security management has several well-recognized advantages. Noted among them is their flexibility in representing key organizational functions while directly supporting the security policies of an organization. Due to the dynamic nature of distributed applications and the heterogeneity aspects of the underlying multidomain environment, development of the proposed framework poses several daunting challenges. The main challenges addressed in this proposal include:
-the development of a Petri-net based dynamic RBAC model that incorporates time constraints. This task also includes modeling a variety of security policies and developing efficient analytical techniques for evaluating the correctness criteria for this model.
-the development of an RBAC formalism that ensures secure interoperability in a heterogeneous multidomain environment for supporting distributed applications. This task also includes designing optimal mediation policies to manage conflicts among domain roles and tasks belonging to applications.