Role-Based Access Control Models
Computer
Protection in operating systems
Communications of the ACM
Access control mechanisms for inter-organizational workflow
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
The P2P Approach to Interorganizational Workflows
CAiSE '01 Proceedings of the 13th International Conference on Advanced Information Systems Engineering
Access Control: Policies, Models, and Mechanisms
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
Authorization and Attribute Certificates for Widely Distributed Access Control
WETICE '98 Proceedings of the 7th Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
Dynamic access control through Petri net workflows
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
A Community Authorization Service for Group Collaboration
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
An Approach to Extract RBAC Models from BPEL4WS Processes
WETICE '04 Proceedings of the 13th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises
The Anatomy of the Grid: Enabling Scalable Virtual Organizations
International Journal of High Performance Computing Applications
VO-based Dynamic Security Associations in Collaborative Grid Environment
CTS '06 Proceedings of the International Symposium on Collaborative Technologies and Systems
Proceedings of the 3rd ACM workshop on Secure web services
Comparison of performance of Web services, WS-Security, RMI, and RMI-SSL
Journal of Systems and Software - Special issue: Quality software
From business process choreography to authorization policies
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
TrustBus'07 Proceedings of the 4th international conference on Trust, Privacy and Security in Digital Business
Security-aware web service composition approaches: state-of-the-art
Proceedings of the 13th International Conference on Information Integration and Web-based Applications and Services
| Hi-index | 0.00 |
Virtual organizations (VO) temporarily aggregate resources of different domains to achieve a common goal. Web services are being positioned as the technological framework for achieving this aggregation in the context of cross-organizational business applications. Numerous architectures have been proposed for securing VOs, mostly for scientific research, such that they do not address all the requirements of business-oriented applications. This paper describes these additional requirements and proposes a novel architecture and approach to managing VO access control policies. Business users can focus on designing business processes, exposing web services and managing their VO partnerships, while the architecture supports and secures the web service interactions involved.