Results 1 - 6 of 6
Modelling and enforcing advanced access control policies in healthcare with Sectet
Cited by 8 (3 self)
Abstract. This contribution gives an overview of various access control strategies in use in contemporary healthcare scenarios and shows how a broad variety of respective policies can be covered by a single security policy model (UCON). Based on this policy model, the core of this contribution consists in the specialization of the SECTET framework for Model Driven Security towards a Domain Architecture that comprises a Domain Specific Language for healthcare scenarios supporting the modelling of policies with advanced access control requirements, a target architecture for the enforcement of these requirements and model-to-code transformations.
Using Trust and Risk for Access Control in Global Computing (PhD thesis No
, 2005
Cited by 3 (0 self)
ISSN 1476-2986 Global Computing is a vision of a massively networked infrastructure supporting a large population of diverse but cooperating entities. Similar to ubiquitous computing, entities of global computing will operate in environments that are dynamic and unpredictable, requiring them to be capable of dealing with unexpected interactions and previously unknown principals using an unreliable infrastructure. These properties will pose new security challenges that are not adequately addressed by existing security models and mechanisms. Traditionally privileges are statically encoded as security policy, and while rôle-based access control introduces a layer of abstraction between privilege and identity, rôles, privileges and context must still be known in advance of any interaction taking place. Human society has developed the mechanism of trust to overcome initial suspicion and gradually evolve privileges. Trust successfully enables collaboration
A Method for Access Authorisation through Delegation Networks
- In: 4th Australasian Information Security Workshop (Network Security) (AISW 2006). Volume 54 of CRPIT
, 2005
Cited by 1 (0 self)
Owners of systems and resources usually want to control who can access them. This must be based on having a process for authorising certain parties, combined with mechanisms for enforcing that only authorised parties are actually able to access those systems and resources. In distributed systems, the authorisation process can include negative authorisation (e.g. black listing), and delegation of authorisation rights, which potentially can lead to conflicts. This paper describes a method for giving authorisations through a delegation network, and where each delegation and authorisation is expressed in the form of a belief measure. An entity's total authorisation for a given resource object and access type can be derived by analysing the delegation network using subjective logic. Access decisions are made by comparing the derived authorisation measure with required threshold levels, which makes authorisations non-categorical. By setting the threshold level higher than the assigned measure of a single authorisation, it is possible to require multiple authorisations for accessing specific resources. The model is simple, intuitive and algebraic.
A Survey on Distributed Access Control Systems for Web Business Processes
, 2005
Cited by 1 (0 self)
Middleware influenced the research community in developing a number of systems for controlling access to distributed resources. Nowadays a new paradigm for lightweight integration of business resources has started to hold Business Processes for Web Services. Authorization and access control policies for Web Services protocols and distributed systems are well-studied and standardized, but there is not yet a comprehensive proposal for distributed access control architecture. This paper surveys the available approaches and analyzes them for a better understanding of what these systems have and what they still need to address the security challenges.
Modern Credential Access Control Approach Based On Pseudonymous Signature
This paper proposes a modern credential access control approach which allows the organizations to provide their resources/services on the internet and grant access rights to users by employing Cryptographic Pseudonymous Signature. The concepts of Modern Credentials and Pseudonymous Signature are proposed with respect to Pseudonymous Identification Scheme to facilitate pseudonymity in access control service. These mechanisms highly protect the privacy rights of users and organizations and resolve the problem of scalability in identity and key-based access control systems: The prover keeps anonymous to verifier by informing the pseudonyms to receiver, and the receiver can not identify the sender from his pseudonym, but upon verifying the pseudonymous signature he can be ensured that the pseudonym belong to a trusted anonymous user from the trusted domain.
Application of Cryptographic Approaches toward an Effective Distributed Access Control Model
This paper presented a scheme for distributed authentication and authorizations for Internet-scale environments. Among the primary motivations of this work was to overcome the shortcomings of traditional schemes used for this purpose, and to establish a privilege management infrastructure enabling single sign on functionality across multiple domains. The proposed scheme shall be investigated further and a prototype implementation shall be delivered as a future goal

