Secure interoperation design in multi-domains environments based on colored Petri nets

摘要

In a multi-domains application environment, distributed multiple organizations interoperate with each other. The local access control policies should correspondingly be integrated together in order to allow users of one domain to interact with each others. One of the key challenges of integrating policies is conflict detection and resolution while preserving policy consistency. This paper addresses several types of potential conflicts and consistency properties with a systematic and rigorous approach: graph theory, network flow technology and colored Petri nets are applied for specifying and verifying a secure interoperation design. The component-based integration of policies is applicable for both static and dynamic multi-domains environments.