Model of User Access Control to Virtual Machines Based on RT-Family Trust Management Language with Temporal Validity Constraints - Practical Application

Lasota, K; Kozakiewicz, A

  • Journal of Telecommunications and Information Technology;
  • Tom: 3;
  • Strony: 13-21;
  • 2012;

The paper presents an application of an RT-family trust management language as a basis for an access control model. The discussion concerns a secure workstation running multiple virtual machines used to process sensitive information from multiple security domains, providing strict separation of the domains. The users may act in several different roles, with different access rights. The inference mechanisms of the language are used to translate credentials allowing users to access different functional domains, and assigning virtual machines to these domains into clear rules, regulating the rights of a particular user to a particular machine, taking into account different periods of validity of different credentials. The paper also describes a prototype implementation of the model.

Keywords: security, control