Title: Enforcing domain segregation in unified cabin data networks
Abstract: In systems of systems designing access control policies is a complex task, especially when each system has its own high-level security policy requirements. There is no general way of expressing policies with generic rules, because policies commonly have scenario-specific characteristics. A graph-based system of systems model is applied, which incorporates an attribute-based approach to model scenario-specific characteristics of policies. The model is based on simple graph and set theoretical methods. The access control system establishes virtual channel objects, which enforce access to a resource. Channels are characterized by attributes of channel source and channel destination. The specific channel characteristics are computed at run-time and policy evaluation is performed on these virtual channel objects. This allows policy design for channels without explicitly knowing a specific channel. The concept is evaluated by simulating three use cases to demonstrate scalability and feasibility.
Publication Year: 2017
Publication Date: 2017-09-01
Language: en
Type: article
Indexed In: ['crossref']
Access and Citation
Cited By Count: 2
AI Researcher Chatbot
Get quick answers to your questions about the article from our AI researcher chatbot