IEEE Transactions on Software Engineering - Special issue on computer security and privacy
Cryptanalysis and protocol failures
Communications of the ACM
Integrating communication, cooperation, and awareness: the DIVA virtual office environment
CSCW '94 Proceedings of the 1994 ACM conference on Computer supported cooperative work
Firewalls and Internet security: repelling the wily hacker
Firewalls and Internet security: repelling the wily hacker
Role-Based Access Control Models
Computer
A taxonomy for key escrow encryption systems
Communications of the ACM
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Proceedings of the tenth ACM Conference on Hypertext and hypermedia : returning to our diverse roots: returning to our diverse roots
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Bundling Information Goods: Pricing, Profits, and Efficiency
Management Science
Balancing cooperation and risk in intrusion detection
ACM Transactions on Information and System Security (TISSEC)
Identification of host audit data to detect attacks on low-level IP vulnerabilities
Journal of Computer Security
NetSTAT: a network-based intrusion detection system
Journal of Computer Security
Configuring role-based access control to enforce mandatory and discretionary access control policies
ACM Transactions on Information and System Security (TISSEC)
The base-rate fallacy and the difficulty of intrusion detection
ACM Transactions on Information and System Security (TISSEC)
Securing context-aware applications using environment roles
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Flexible team-based access control using contexts
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Access control mechanisms for inter-organizational workflow
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Using information security as a response to competitor analysis systems
Communications of the ACM
Models for coalition-based access control (CBAC)
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Building Internet Firewalls
The economics of information security investment
ACM Transactions on Information and System Security (TISSEC)
MAFRA - A MApping FRAmework for Distributed Ontologies
EKAW '02 Proceedings of the 13th International Conference on Knowledge Engineering and Knowledge Management. Ontologies and the Semantic Web
Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
OntoEdit: Collaborative Ontology Development for the Semantic Web
ISWC '02 Proceedings of the First International Semantic Web Conference on The Semantic Web
Developing and Validating Trust Measures for e-Commerce: An Integrative Typology
Information Systems Research
Why Information Security is Hard-An Economic Perspective
ACSAC '01 Proceedings of the 17th Annual Computer Security Applications Conference
A business process-driven approach to security engineering
DEXA '03 Proceedings of the 14th International Workshop on Database and Expert Systems Applications
TrustMe: Anonymous Management of Trust Relationships in Decentralized P2P Systems
P2P '03 Proceedings of the 3rd International Conference on Peer-to-Peer Computing
A model for evaluating IT security investments
Communications of the ACM - Has the Internet become indispensable?
Value Webs: Using Ontologies to Bundle Real-World Services
IEEE Intelligent Systems
Evaluating information security investments using the analytic hierarchy process
Communications of the ACM - Medical image modeling
Access control in collaborative systems
ACM Computing Surveys (CSUR)
The Value of Intrusion Detection Systems in Information Technology Security Architecture
Information Systems Research
Supporting conditional delegation in secure workflow management systems
Proceedings of the tenth ACM symposium on Access control models and technologies
Context sensitive access control
Proceedings of the tenth ACM symposium on Access control models and technologies
Welcome to Convergence: Surviving the Next Platform Change
IT Professional
Towards Agricultural Marketing Reforms: Web Services Orchestration Approach
SCC '05 Proceedings of the 2005 IEEE International Conference on Services Computing - Volume 01
Looking Back at the Bell-La Padula Model
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
Model driven security: From UML models to access control infrastructures
ACM Transactions on Software Engineering and Methodology (TOSEM)
ITNG '06 Proceedings of the Third International Conference on Information Technology: New Generations
Delegation in the role graph model
Proceedings of the eleventh ACM symposium on Access control models and technologies
An interorganizational knowledge-sharing security model with breach propagation detection
Information Systems Frontiers
Electronic Commerce Research and Applications
Protection: principles and practice
AFIPS '72 (Spring) Proceedings of the May 16-18, 1972, spring joint computer conference
A Design Science Research Methodology for Information Systems Research
Journal of Management Information Systems
The nature of theory in information systems
MIS Quarterly
A Service-Oriented Web Application Framework
IT Professional
An Interdisciplinary Perspective on IT Services Management and Service Science
Journal of Management Information Systems
Coordination Strategies in an SaaS Supply Chain
Journal of Management Information Systems
Part 2: emerging issues for secure knowledge management-results of a Delphi study
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
Data, information and analytics as services
Decision Support Systems
| Hi-index | 0.00 |
Cloud services have become an emerging solution for organizations striving to address today's need for agility, but little research has addressed transitioning multiple, collaborating organizations to what can be referred to as a "value-network cloud." We know that organizations adopting cloud services to execute business processes must concomitantly reconfigure their security solutions for their integrated intra- and inter-organizational collaborations. We address the question, "What is needed to make it possible for an entire value-network to take secure, collaborative business process executions to the cloud?" Future value-network cloud solutions will require completely new security approaches that will leverage contracted brokering solutions operating as part of the cloud solution. We view value-network cloud security service provisioning as a bundle decision characterized by a mix of communication patterns relevant to intra- and inter-enterprise collaboration. We propose a cloud service broker model--using semantics and SLA based middleware--to serve as a trusted interface between the enterprise, cloud service providers and other organizations collaborating in a value-network. The approach enables IT governance for value-network cloud services. The architectural requirements adapt design principles for infrastructure management tailored from approaches to how business cartels historically conducted secure business dealings.