GARD: Generic access rights delegation framework for collaborative environment

摘要

Delegation of access rights is becoming a common requirement of cloud based organizations. In this regard, various delegation models have been proposed. These models are strongly coupled with their specific access control model (ACM). For instance, if organization has deployed Role based Access Control (RBAC) model then it must use Role Based Delegation Model (RBDM). Similarly, Attribute Based Access Control (ABAC) model requires Attribute Based Delegation (ABDM) and so on. However, when organizations need to work in a collaborative environment, their heterogeneous environment in the context of ACMs, makes the delegation process difficult to achieve. To solve this issue, we have proposed a Generic Access Rights Delegation (GARD) framework for collaborative environment. We have considered group-centric Secure Information Sharing (g-SIS) model to develop a collaborative environment. Our framework generates a delegation policy as per underlying ACM of participating organization, dynamically. GARD provides interoperability between different ACMs during generation of delegation policies.