Information Technology Reference
In-Depth Information
to improve the granularity of authorization management in virtualization fields.
The contributions of this paper are twofold: (1) extends specification of RBAC by
introducing VM (Virtual Machine) and Domain concept, (2) provides a conflict
checking framework for VRBAC policies based on ontology and description logic
technique.
The most significant features of VRBAC model lie in its two new concepts:
VM and Domain. The VM concept is used to indicate a virtual machine which
can be accessed as a resource by a virtual machine user or administrator. Binding
can be set up between a VM instance and its shared resources via the inheritance
relationship. The Domain concept is a property that applied to nearly all RBAC
elements like a tag. It helps to determine if a virtual machine is migrated or
replicated by monitoring the change of the domain tag. In the conflict checking
phase, we convert VRBAC definitions and instances into concepts and asser-
tions in format of description logic, and then construct some deduce rules from
underlying factors to conflict assertions which would indicate the occurrence of
VRBAC policy conflicts. This paper mainly discussed about how to adapt the
existing RBAC model into the virtualized environment by importing VM and
Domain concepts, and how to check its policy conflicts using description logic
approach. Consequences of experiments show that the well-organized conflict
report generated by our prototype system actually does help to administrators
in finding out possible policy conflicts and dealing with improper authorization
and illegal access.
The rest of the paper is organized as the following. Section 2 investigates
related work showing limitations of previous RBAC model and the originality of
the issues addressed in this paper. Section 3 formally defines the VRBAC model
and shows how it applies in controlling access behaviors of virtualized scenarios.
Section 4 establishes our conflict checking framework by means of ontology and
description logic. Section 5 explains the implementation of the VRBAC conflict-
free access control system based on Active Directory and Xen. Finally section 6
concludes the paper.
2 Related Work
Recently, most of the access control enforcement mechanism is based on a Virtual
Machine Monitor (VMM)[2]. A VMM is a piece of computer software that cre-
ates and runs VMs. An ideal VMM architecture should be able to provide com-
plete isolation and sucient integrity for the VMs[3]. Meantime, some security-
purpose VMM systems have been developed[4-6]. We can implant a specified
access control mechanism via inserting security layer without modifying exist-
ing guest operating systems. Multi-level security between virtual machines has
been studied from the perspective of extended BLP model[7], however, the in-
volvement with the out-of-date mandatory access control (MAC) makes this
approach inapplicable in modern systems. The Flexible Authorization Manager
Framework (FAM)[8] enables the integration of multiple access control frame-
works within a single model. This approach specifies one description language to
 
Search WWH ::




Custom Search