Role-Based Access Control Models
Computer
A security architecture for computational grids
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Access Control: Policies, Models, and Mechanisms
FOSAD '00 Revised versions of lectures given during the IFIP WG 1.7 International School on Foundations of Security Analysis and Design on Foundations of Security Analysis and Design: Tutorial Lectures
KeyNote: Trust Management for Public-Key Infrastructures (Position Paper)
Proceedings of the 6th International Workshop on Security Protocols
The PERMIS X.509 role based privilege management infrastructure
Future Generation Computer Systems - Special section: Selected papers from the TERENA networking conference 2002
A Community Authorization Service for Group Collaboration
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Certificate-based authorization policy in a PKI environment
ACM Transactions on Information and System Security (TISSEC)
The Anatomy of the Grid: Enabling Scalable Virtual Organizations
International Journal of High Performance Computing Applications
VO-based Dynamic Security Associations in Collaborative Grid Environment
CTS '06 Proceedings of the International Symposium on Collaborative Technologies and Systems
From business process choreography to authorization policies
DBSEC'06 Proceedings of the 20th IFIP WG 11.3 working conference on Data and Applications Security
Security architecture for virtual organizations of business web services
Journal of Systems Architecture: the EUROMICRO Journal
Hi-index | 0.00 |
In this paper we propose a security architecture and mechanism for Virtual Organizations (VO) for businesses. The VOs we consider are based on web service technology to address interoperability issues and cater for future business software, and are dynamic, i.e. their membership may change frequently throughout their lifetime. We improve over previous approaches in the following aspect: We have designed, implemented and evaluated a comprehensive security mechanism for our architecture that can protect both the web services in the VO and the VO management services. The security policies of VO management are enforced by inspecting the request for the encodings of parameters that are relevant to the policy decision. The basic idea may be applicable to other web service based software with data-dependent security policies, e.g. databases.