ABSTRACT
In this paper we propose a security architecture for Virtual Organizations for businesses. The Virtual Organizations we consider are based on web servicetechnology, and are dynamic, i.e. their membership may change frequently throughout its lifetime. The security architecture advances over previous approaches with a new approach for distributed administration based on policy generation which allows local security administrators to remain in complete control over the policies deployed. We show the advantages of our architecture in the case of member replacement.
- Blaze, M., Feigenbaum, J., and Keromytis, A.D. Keynote: Trust management for public-key infrastructures. In 1998 Security Protocols International Workshop (1998).]] Google ScholarDigital Library
- Chadwick, D., and Otenko, O. The permis x.509 role based privilege management infrastructure. In Future Gener. Comput. Syst. (2003), vol. 19 (2), Elsevier Science Publishers B.V., pp. 277--289.]] Google ScholarDigital Library
- Demchenko, Y., Commans, L., de Laat, C., Steenbakkers, M., Ciashini, V., and Venturi, V. Vo-based dynamic security associations in collaborative grid environment. In Workshop on Collaboration and Security (COLSEC) of The 2006 International Symposium on Collaborative Technologies and Systems (CTS) (2006).]] Google ScholarDigital Library
- Foster, I., Kesselman, C., and S.Tuecke. The anatomy of the grid. In International Journal of High Performance Computing Applications (2001), vol. 15 (3), pp. 200--222.]] Google ScholarDigital Library
- Pearlman, L., Welch, V., Foster, I., Kesselman, C., and Tuecke, S. A community authorization service for group collaboration. In IEEE Workshop on Policies for Distributed Systems and Netoworks (2002).]] Google ScholarDigital Library
- Robinson, P., Karabulut, Y., and Haller, J. Dynamic virtual organization management for service oriented enterprise applications. In 1st International Conference on Collaborative Computing (2005).]]Google ScholarCross Ref
- Robinson, P., Kerschbaum, F., and Schaad, A. From business process choreography to authorization policies. In 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (2006).]]Google Scholar
- Sandhu, R., Coyne, E., Feinstein, H., and Youman, C. Role based access control models. In IEEE Computer (1996), vol. 29 (2).]] Google ScholarDigital Library
- Thompson, M., Essiari, A., and Mudumbai, S. Certificate-based authorization policy in a pki environment. In ACM Transactions on Information and System Security (2003), vol. 6 (4), pp. 566--588.]] Google ScholarDigital Library
Index Terms
- A comprehensive security architecture for dynamic, web service based virtual organizations for businesses
Recommendations
Transformation and Aggregation of Web Service Security Requirements
ECOWS '10: Proceedings of the 2010 Eighth IEEE European Conference on Web ServicesService-oriented Architectures support the provision, discovery, and usage of services in different application contexts. The Web Service specifications provide a technical foundation to implement this paradigm and provide mechanisms to face the new ...
Security Architecture of Computer Communication System Based on Internet of Things
ICASIT 2020: Proceedings of the 2020 International Conference on Aviation Safety and Information TechnologyIn large-scale service collaboration environment, security and privacy protection are the main factors affecting the development of IoT service applications. The security and privacy requirements of IoT services mainly focus on three aspects: secure ...
A Comprehensive and Lightweight Security Architecture to Secure the IoT Throughout the Lifecycle of a Device Based on HIMMO
ALGOSENSORS 2015: Revised Selected Papers of the 11th International Symposium on Algorithms for Sensor Systems - Volume 9536Smart objects are devices with computational and communication capabilities connected to the Internet forming the so called Internet of Things IoT. The IoT enables many applications, for instance outdoor lighting control, smart energy and water ...
Comments