ABSTRACT
In this paper, we investigate the effectiveness and appropriateness of several existing security mechanisms for a Digital Ecosystem (DE) environment. DE is characterized as an open and dynamic environment where the interaction and collaboration between its entities are highly promoted. A major requirement to promote such intensive interaction and collaboration is the ability to secure and uphold the confidentiality, integrity and non-repudiation of shared resources and information. However, current developments of such security mechanisms for protecting the shared resources are still in their infancy. Most of the proposed protection frameworks do not provide a scalable and effective mechanism for engaging multiple interacting entities to protect their resources. This is even a greater issue when multiple resources are exchanged and shared in an open and dynamic environment such as DE. Therefore, we propose a distributed mechanism for enterprises to manage their authentication and authorization processes with an aim to provide a rigorous protection of entities' resources.
- D. Boughaci and H. Drias, "A secure e-transaction model for e-commerce," presented at the IEEE GCC Conference (GCC), Manama, 2006.Google Scholar
- C. Potter and A. Beard, "Information Security Breaches Survey 2010," PricewaterhouseCoopers, Technical Report, 2010.Google Scholar
- Pö, P. ltner, and T. Grechenig, "A joint infrastructure of "digital corporate organisms" as facilitator for a virtual digital retail ecosystem," presented at the 4th IEEE International Conference on Digital Ecosystems and Technologies (DEST), Dubai, 2010.Google Scholar
- F. Ying-lan, H. Bing, and L. Y.-b.;, "Research and Implementation of Key Technology Based on Internet Encryption and Authentication," International Conference on Networking and Digital Society (ICNDS '09), 2009. Google ScholarDigital Library
- X. Tian and W. Dai, "Study on Information Management and Security of E-commerce System," presented at the International Symposium on Intelligence Information Processing and Trusted Computing (IPTC), Huanggang, China, 2010. Google ScholarDigital Library
- H. Koshutanski, et al., "Distributed Identity Management Model for Digital Ecosystems," presented at the International Conference on Emerging Security Information, Systems and Technologies (Securware'07), Valencia, 2007. Google ScholarDigital Library
- J. M. Seigneur, "Demonstration of security through collaborative in digital business ecosystem," in Proceedings of the IEEE SECOVAL Workshop, Athens, Greece, 2005.Google Scholar
- J. Hughes and E. Maler, "Security Assertion Markup Language (SAML) v. 2.0 Technical Overview," OASIS, Working Paper, 2005.Google Scholar
- L. Alliance. (February 2011). Liberty Aliance Project. Available: http://www.projectliberty.org/Google Scholar
- J. M. Seigneur, "Demonstration of security through collaborative in digital business ecosystem," in Proceedings of the IEEE SECOVAL Workshop, Athens, Greece, 2005.Google Scholar
- J. Novotny, "An online credential repository for the Grid: MyProxy," in Proceedings of the IEEE Tenth International Symposium on High Performance Distributed Computing (HPDC-10), San Fransisco, USA, 2001. Google ScholarDigital Library
- W. Chou. (2002) Inside SSL: The Secure Sockets Layer Protocol. IEEE Computer Society: IT Professional Google ScholarDigital Library
- L. Pearlman, et al., "A Community Authorization Service for Group Collaboration," in Proceedings of the Third International Workshop on Policies for Distributed Systems and Networks, Monterey, USA, 2002. Google ScholarDigital Library
- M. Thompson, et al., "Certificate-based access control for widely distributed resources," in Proceedings of the 8th conference on USENIX Security Symposium, Washington DC, 1999. Google ScholarDigital Library
- J. Weise, "Public Key Infrastructure Overview," Sun Microsystem, Sun BluePrints Online2001.Google Scholar
- H. Boley and E. Chang, "Digital Ecosystem: Principles and Semantics," presented at the Inaugural IEEE International Conference on Digital Ecosystems and Technologies (IEEE DEST 2007), Cairns, Australia, 2007.Google Scholar
- G. Briscoe and P. Wilde, "Digital Ecosystems: Evolving Service-Oriented Architectures," in Proceedings of the 1st international conference on Bio inspired models of network, information and computing systems, New York, USA, 2006. Google ScholarDigital Library
- I. Pranata and G. Skinner, "Managing enterprise authentication and authorization permissions in digital ecosystem"," presented at the 3th IEEE International Conference on Digital Ecosystems and Technologies (DEST), Istanbul, Turkey, 2009.Google Scholar
- I. Pranata and G. Skinner, "Digital ecosystem access control management" WSEAS Transactions on Information Science and Applications, vol. 6, pp. 926--935, 2009. Google ScholarDigital Library
- J. Kennedy, "Distributed infrastructural service," in Digital Ecosystem Technology, F. Nachira, P. Dini, A. Nicolai, M. Le Louarn, and L. R. Leon, Eds.: European Commission: Information Society and Media, 2007.Google Scholar
- W3C. (February 2011). Extensible Markup Language (XML). Available: http://www.w3.org/XML/Google Scholar
- R. Lemos. (2001, March 2011). Microsoft warns of hijacked certificates. Available: http://news.cnet.com/2100-1001-254586.htmlGoogle Scholar
- Sophos. (2011, June 2011). Fraudulent certificates issued by Comodo, is it time to rethink who we trust? Available: http://nakedsecurity.sophos.com/2011/03/24/fraudulent-certificates-issued-by-comodo-is-it-time-to-rethink-who-we-trust/Google Scholar
- P. R. Zimmermann, The Official PGP User's Guide. Massachusetts, USA: MIT Press, 1995. Google ScholarDigital Library
- RSA-Labs. A Cost-Based Security Analysis of Symmetric and Asymmetric Key Lengths {Bulletin #13}. Available: www.rsasecurity.com/rsalabsGoogle Scholar
Index Terms
- A distributed mechanism for secure collaboration in digital ecosystems
Recommendations
Taxonomy and analysis of security protocols for Internet of Things
AbstractThe Internet of Things (IoT) is a system of physical as well as virtual objects (each with networking capabilities incorporated) that are interconnected to exchange and collect information locally or remotely over the Internet. Since ...
Highlights- We first discuss essential security requirements that are needed to secure IoT environment. We also discuss the threat model and various attacks related to ...
Distributed mechanism for protecting resources in a newly emerged digital ecosystem technology
ICA3PP'11: Proceedings of the 11th international conference on Algorithms and architectures for parallel processing - Volume Part IIDigital Ecosystem (DE) is characterized as an open and dynamic environment where the interaction and collaboration between its entities are highly promoted. A major requirement to promote such intensive interaction and collaboration in a DE environment ...
SecIoT: a security framework for the Internet of Things
The 5th generation wireless system 5G will support Internet of Things IoT by increasing the interconnectivity of electronic devices to support a variety of new and promising networked applications such as the home of the future, environmental monitoring ...
Comments