:atomic-concepts (Subject Resource Operation Action Domain) :extends (Top)
:atomic-concepts (VM) :extends (Resource)
(has_Subject :dom Policy :ran Subject)
(has_Resource :dom Policy :ran Resource)
(has_VM :dom Policy :ran VM)
(has_Operation :dom Policy :ran Operation)
(has_Action :dom Policy :ran Action)
(with_Domain :dom Subject, Resource :ran Domain)
(has_subSubject :transitive :dom Subject :ran Subject)
(has_Subject_Overlap :dom Subject :ran Subject)
(has_subResource :transitive :dom Resource :ran Resource)
(has_Resource_Overlap :dom Resource :ran Resource)
(has_Operation_Overlap :dom Operation :ran Operation)
(has_Action_Overlap :dom Action :ran Action)
(has_Domain_Conflict :dom Policy :ran Policy)
(has_Migration_Conflict :dom Policy :ran Policy)
(has_SoD_Conflict :dom Policy :ran Policy)
Fig. 5. TBox of VRBAC model
• has_subResource(?r1, ?r2) ∧ has_subResource(?r2, ?r3) → has_subResource(?r1, ?r3)
The first rule indicates that when ?s1 has ?s2 as its child subject and ?s2 in turn has ?s3 as its child subject, we can infer that ?s3 is a child subject of ?s1. In other words, these two rules give the inheritance assertions of Subject and Resource transitivity. Then come three primary rules, which map exactly onto the three types of conflicts:
The rule for Dom-C:
• has_Subject(?p1, ?s1) ∧ has_Subject(?p2, ?s2) ∧ has_subSubject(?s1, ?s2) ∧ with_Domain(?s1, ?d1) ∧ with_Domain(?s2, ?d2) ∧ ¬has_Relation(?d1, ?d2) → has_DomC(?p1, ?p2)
This rule means that a subject belonging to domain ?d1 cannot hold an inheritance relation with a subject belonging to domain ?d2; if it does, the two relevant policies lead to a Dom-C type conflict.
The rule for Mig-C:
• has_VM(?p1, ?v1) ∧ has_VM(?p2, ?v2) ∧ with_Domain(?v1, ?d1) ∧ with_Domain(?v2, ?d2) ∧ ¬same(?d1, ?d2) ∧ same(?v1, ?v2) → has_MigC(?p1, ?p2)
This rule indicates that a virtual machine migrated from another domain must modify its identity immediately once the operation has finished, or a Mig-C
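As an added illustration (not code from the paper), the transitivity rule, the Dom-C rule and the Mig-C rule above can be evaluated as forward-chaining checks over a small ABox. The facts, policy and domain names are constructed; it is also assumed that has_Relation is reflexive and that a policy is never reported as conflicting with itself.

```python
from itertools import product

# Constructed ABox (sample facts only) in the shape of the VRBAC TBox.
# Assumption: has_Relation is reflexive, so a domain is related to itself.
FACTS = {
    "has_Subject":    {("p1", "alice"), ("p2", "bob"), ("p7", "carol")},
    "has_VM":         {("p3", "vm1"), ("p4", "vm1"), ("p6", "vm2")},
    "has_subSubject": {("alice", "carol"), ("carol", "bob")},  # direct links only
    "with_Domain":    {("alice", "devops"), ("carol", "devops"), ("bob", "audit"),
                       ("vm1", "devops"), ("vm1", "audit"),  # vm1 still carries its old domain
                       ("vm2", "audit")},
    "has_Relation":   {("devops", "devops"), ("audit", "audit")},  # devops/audit unrelated
}

def transitive_closure(pairs):
    """has_subX(?a,?b) ∧ has_subX(?b,?c) → has_subX(?a,?c), iterated to a fixpoint."""
    closed = set(pairs)
    while True:
        new = {(a, c) for (a, b) in closed for (b2, c) in closed if b == b2} - closed
        if not new:
            return closed
        closed |= new

def domains_of(facts, x):
    return {d for (e, d) in facts["with_Domain"] if e == x}

def dom_conflicts(facts):
    """Dom-C: ?s1 inherits ?s2 (transitively) and their domains have no has_Relation."""
    sub = transitive_closure(facts["has_subSubject"])
    out = set()
    for (p1, s1), (p2, s2) in product(facts["has_Subject"], repeat=2):
        if (s1, s2) in sub:
            for d1, d2 in product(domains_of(facts, s1), domains_of(facts, s2)):
                if (d1, d2) not in facts["has_Relation"]:
                    out.add((p1, p2))
    return out

def mig_conflicts(facts):
    """Mig-C: the same VM is referenced under two different domains.
    Added assumption: ?p1 != ?p2, so a policy is never in conflict with itself."""
    out = set()
    for (p1, v1), (p2, v2) in product(facts["has_VM"], repeat=2):
        if p1 != p2 and v1 == v2:
            for d1, d2 in product(domains_of(facts, v1), domains_of(facts, v2)):
                if d1 != d2:
                    out.add((p1, p2))
    return out
```

With these facts, p1 conflicts with p2 only through the derived link alice → bob, and p3/p4 conflict because vm1 still carries both its old and its new domain after migration.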