Abstract
There are more challenges for authorization in service-oriented virtual organization. In this paper we propose a novel authorization mechanism for virtual organization, which uses the threshold signature scheme for authorization management and voting mechanism for decision-making. We design three protocols in the authorization mechanism: authorization acquisition protocol, authorization revocation protocol, and secure interaction protocol. Our solution can satisfy the dynamic coalition requirement of virtual organization, and also guarantee the autonomous characteristic of participant organizations and service entities. Privacy preservation is also provided for service entities to interact with authorized entities.
This paper is supported by National Science Foundation under grant 90412010 and ChinaGrid Project from Ministry of Education.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Alfieri, R., et al.: VOMS: an authorization system for virtual organizations, DataService Project (2003), http://service-auth.infn.it/docs/VOMS-Santiago.pdf
Boneh, D., Franklin, M.: Identity-Based Encryption from the Weil Pairing. In: Kilian, J. (ed.) CRYPTO 2001. LNCS, vol. 2139, pp. 213–229. Springer, Heidelberg (2001)
Boneh, D., Lynn, B., Shacham, H.: Short signatures from the weil pairing. Journal of Cryptology 17(4), 297–319 (2004)
Chadwick, D., Otenko, A.: The Permis X.509 role based privilege management infrastructure. In: Proc. the 7th ACM Symposium on Access Control Models and Technologies, Monterey, pp. 135–140 (2002)
Feldman, P.: A Practical Scheme for Non-interactive Verifiable Secret Sharing. In: Proc. 28th Symposium on Foundations of Computer Science (FOCS), pp. 427–437 (1987)
Qiang, W., Jin, W., Shi, X., Zou, D.: VO-Sec: An Access Control Framework for Dynamic Virtual Organization. In: Boyd, C., González Nieto, J.M. (eds.) ACISP 2005. LNCS, vol. 3574, pp. 370–381. Springer, Heidelberg (2005)
Qiang, W., Jin, W., Shi, X., Zou, D.: Joint Management of Authorization for Dynamic Virtual Organization. In: Proceedings of the 5th International Conference on Computer and Information Technology (CIT 2005) (2005)
Khurana, H., Gligor, V., Linn, J.: Reasoning about joint administration of access policies for coalition resources. In: Proc. the 22nd International Conference on Distributed Computing Systems, Vienna, pp. 429–443 (2002)
Pearlman, L., Welch, V., Foster, I., Kesselman, C., Tuecke, S.: A community authorization service for group collaboration. In: Proc. the 3rd International Workshop on Policies for Distributed Systems and Networks, Monterey (2002)
Thompson, M., Johnston, W., Mudumbai, S., Hoo, G., Jackson, K., Essiari, A.: Certificate-based access control for widely distributed resources. In: Proc. the Eighth Usenix Security Symposium (1999)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Jin, H., Qiang, W., Shi, X., Zou, D. (2005). A Novel Authorization Mechanism for Service-Oriented Virtual Organization. In: Yolum, p., Güngör, T., Gürgen, F., Özturan, C. (eds) Computer and Information Sciences - ISCIS 2005. ISCIS 2005. Lecture Notes in Computer Science, vol 3733. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11569596_41
Download citation
DOI: https://doi.org/10.1007/11569596_41
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-29414-6
Online ISBN: 978-3-540-32085-2
eBook Packages: Computer ScienceComputer Science (R0)