Skip to main content
SpringerLink
Log in

Task-Based Access Control for Virtual Organizations

  • Conference paper
Scientific Engineering of Distributed Java Applications (FIDJI 2004)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 3409))

Abstract

GOLD (Grid-based Information Models to Support the Rapid Innovation of New High Value-Added Chemicals) is concerned with the dynamic formation and management of virtual organisations in order to exploit market opportunities. The project aims to deliver the enabling technology to support the creation, operation and successful dissolution of such virtual organisations. A set of middleware technologies are designed and being implemented to address issues such as trust, security, contract management and monitoring, information management, etc. for virtual collaboration between companies. In this paper we discuss the set of requirements for access control in dynamic virtual organisations that have been defined as part of the trust-related work. We propose a solution, which extends the ideas of role based access control (RBAC), and we examine the use of existing and emerging Web Services technologies as an implementation platform.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Anderson, T., Avizienis, A., Carter, W.: Dependability: Basic Concepts and Terminology. In: Laprie, J.-C. (ed.) Series: Dependable Computing and Fault-Tolerant Systems, vol. 5. Springer, New York (1992)

    Google Scholar 

  2. Coulouris, G., Dollimore, J.: Security Requirements for Cooperative Work: A Model and its System Implications. Presented at 6th Workshop on ACM SIGOPS European Workshop: Matching Operating Systems to Application Needs, Wadern, Germany (1994)

    Google Scholar 

  3. Roshan, K.T., Sandhu, R.S.: Task-Based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-Oriented Authorization Management. Presented at IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects (1997)

    Google Scholar 

  4. Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-Based Access Control Models. IEEE Computer 29, 38–47 (1996)

    Google Scholar 

  5. Thomas, R.K.: Team-based Access Control (TMAC): A Primitive for Applying Rolebased Access Controls in Collaborative Environments. Presented at Second ACM Workshop on Role-based Access Control, Fairfax, Virginia, United States (1997)

    Google Scholar 

  6. Periorellis, P., Dobson, J.E.: Case Study Problem Analysis. The Travel Agency Problem, University of Newcastle upon Tyne, Newcastle upon Tyne, UK (2001)

    Google Scholar 

  7. Davies, C.T.: Spheres of Control. IBM Systems Journal 17, 179–198 (1978)

    Article  Google Scholar 

  8. Romanovsky, A.: Coordinated Atomic Actions: How to Remain ACID in the Modern World. ACM SIGSOFT Software Engineering Notes 26, 66–68 (2001)

    Article  Google Scholar 

  9. Zorzo, A.F., Periorellis, P., Romanovsky, A.: Using Coordinated Atomic Actions for Building Complex Web Applications: a Learning Experience. In: Presented at 8th IEEE International Workshop on Object-oriented Real-time Dependable Systems (WORDS 2003), Guadalajara, Mexico (2003)

    Google Scholar 

  10. Service-Oriented Architecture (SOA) Definition, http://www.service-architecture.com/web-services/articles/service-oriented_architecture_soa_definition.html

  11. Ferguson, D.F., Storey, T., Lovering, B., Shewchuk, J.: Secure, Reliable, Transacted Web Services: Architecture and Composition (2003), http://msdn.microsoft.com/webservices/default.aspx?pull=/library/en-us/dnwebsrv/html/wsoverview.asp

  12. He, H.: What is Service-Oriented Architecture (2003), http://webservices.xml.com/pub/a/ws/2003/09/30/soa.html

  13. Parastatidis, S., Webber, J., Watson, P., Rischbeck, T.: WS-GAF: A Grid Application Framework based on Web Services Specifications and Practices. Submitted for publication (2004)

    Google Scholar 

  14. Sprott, D., Wilkes, L.: Understanding Service-Oriented Architecture (2004), http://msdn.microsoft.com/library/en-us/dnmaj/html/aj1soa.asp

  15. Web Services Secure Conversation Language (WS-SecureConversation) (2004), http://msdn.microsoft.com/ws/2004/04/ws-secure-conversation/

  16. Web Services Coordination (WS-Coordination) (2003), http://msdn.microsoft.com/ws/2003/09/wscoor

  17. Web Services Atomic Transaction (WS-AtomicTransaction) (2003), http://msdn.microsoft.com/ws/2003/09/wsat

  18. OASIS(WS-CAF), Web Services Context (WS-CTX), http://www.iona.com/devcenter/standards/WS-CAF/WSCTX.pdf

  19. Rosenberg, J., Remy, D.: Securing Web Services with WS-Security. Sams Publishing, Indianapolis (2004)

    Google Scholar 

  20. OASIS, Web Services Security (WS-Security), http://www.oasis-open.org/committees/wss

  21. Web Services Trust Language (WS-Trust) (2004), http://msdn.microsoft.com/ws/2004/04/wstrust/

  22. Web Services Federation Language (WS-Federation) (2003), http://msdn.microsoft.com/ws/2003/07/ws-federation/

  23. OASIS, Security Assertion Markup Language (SAML) v2.0. (2004), http://www.oasis-open.org/committees/security

  24. OASIS, Extensible Access Control Markup Language (XACML), http://www.oasis-open.org/committees/xacml

  25. Gudgin, M., Hadley, M., Moreau, J.-J., Nielsen, H.F. (eds.): W3C, SOAP Version 1.2 Part 1: Messaging Framework. W3C Recommendations (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computing Science, University of Newcastle, Newcastle upon Tyne, NE1 7RU, UK

    Panos Periorellis & Savas Parastatidis

Authors
  1. Panos Periorellis
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Savas Parastatidis
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Laboratory for Advanced Software Systems, University of Luxembourg, 6, rue Richard Coudenhove-Kalergi, L-1359, Luxembourg-Kirchberg, Luxembourg

    Nicolas Guelfi

  2. DISI, Università di Genova, Italy

    Gianna Reggio

  3. Computer Science School, Newcastle University, UK

    Alexander Romanovsky

Rights and permissions

Reprints and permissions

Copyright information

© 2005 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Periorellis, P., Parastatidis, S. (2005). Task-Based Access Control for Virtual Organizations. In: Guelfi, N., Reggio, G., Romanovsky, A. (eds) Scientific Engineering of Distributed Java Applications. FIDJI 2004. Lecture Notes in Computer Science, vol 3409. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-31869-9_4

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-31869-9_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-25053-1

  • Online ISBN: 978-3-540-31869-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation