The distributed multiple autonomous network has become the main trend of modern information systems, such as Cloud, Service-Oriented Architecture (SOA) and Internet of Things (IoT). Access control in such a heterogeneous and dynamic system has become a major information security challenge, which hinders the sharing of resources and information. In this work, we present an Attribute-Based Access Control (ABAC) model for cross-domain access control. The proposed access control model comprises a boundary control server designed to provide cross-domain access control capability. An eXtensible Access Control Markup Language (XACML) policy model-based implementation is introduced. Process and implementation show the proposed model alleviates the security risk on the domain boundary during the cross-domain access control process.

中文翻译：

---

分布式多自治网络的基于属性的跨域访问控制模型

分布式多自治网络已成为云、面向服务架构（SOA）和物联网（IoT）等现代信息系统的主要趋势。在这样一个异构和动态的系统中，访问控制已成为一个重大的信息安全挑战，阻碍了资源和信息的共享。在这项工作中，我们提出了一种用于跨域访问控制的基于属性的访问控制 (ABAC) 模型。所提出的访问控制模型包括一个边界控制服务器，旨在提供跨域访问控制能力。介绍了一种基于可扩展访问控制标记语言 (XACML) 策略模型的实现。过程和实现表明，该模型缓解了跨域访问控制过程中域边界的安全风险。