Methodologies for Credential Based Access Control for Data Integration in Multiple Data Sources Environment

Abstract

The web based technologies have enabled the modern organizations to share their newlineresources and services over Internet. The decentralized and distributed information newlineinfrastructure of the organizations facilitate sharing of information among large number newlineof users but also pose challenges for access control on integrated data. The required newlinesecurity framework should enable easy and fast access to data integrated from multiple newlinedata sources. There is a need to develop appropriate methodologies that not only newlinegrants access to known or registered users in closed administrative domain but also newlineenables easy access to unknown users in open access environment. Immediate access newlineto critical data may also be required in situations of emergency. newlineWith the development of digital certificate based technology, credential based access newlinecontrol [2, 52, 61, 86, 87, 90, 98, 99, 106, 115, 121, 126, 141, 145] has gained newlineconsiderable popularity. The access decision depends on the various properties newlinepossessed by the user that can be proved by submission of one or more credentials. newlineThe credentials are realized as digital certificates that are verifiable and can be newlinetransmitted electronically. Various credential based access control approaches have newlinebeen developed in which Identity, Attribute and Authorization credentials are being newlineused. newlineIn the present research work, methodologies for credential based access control are newlineproposed that promote sharing of information among large number of users. The newlineproposed methodologies enable open, closed and immediate accesses to users in newlinemultiple data sources environment. An approach called Status Based Access Control newlinehas been proposed that grants easy and immediate access to unknown but genuine newlineusers in open access environment. In this approach, the access decision depends on newlinethe status possessed by the user. By proving the status of a doctor, a user can gain newlineaccess to the medical records of patients or by establishing the status of a professor newlineone can get access to some shared research article.