Sharing manufacturing information in virtual enterprises
Communications of the ACM
Information distortion in a supply chain: the bullwhip effect
Management Science - Special issue on frontier research in manufacturing and logistics
A role-based access control model and reference implementation within a corporate intranet
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
The NIST model for role-based access control: towards a unified standard
RBAC '00 Proceedings of the fifth ACM workshop on Role-based access control
A scenario-driven role engineering process for functional RBAC roles
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
COCA: A secure distributed online certification authority
ACM Transactions on Computer Systems (TOCS)
IEEE Intelligent Systems
Firewalls and Internet Security: Repelling the Wily Hacker
Firewalls and Internet Security: Repelling the Wily Hacker
Service -Oriented Computing: Concepts, Characteristics and Directions
WISE '03 Proceedings of the Fourth International Conference on Web Information Systems Engineering
First experiences using XACML for access control in distributed systems
Proceedings of the 2003 ACM workshop on XML security
Supply Chain Inventory Management and the Value of Shared Information
Management Science
An Approach to Extract RBAC Models from BPEL4WS Processes
WETICE '04 Proceedings of the 13th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises
Enterprise information integration: successes, challenges and controversies
Proceedings of the 2005 ACM SIGMOD international conference on Management of data
Digital Identity
Decision Support Systems - Special issue: Collaborative work and knowledge management
Model driven security: From UML models to access control infrastructures
ACM Transactions on Software Engineering and Methodology (TOSEM)
Secure resource description framework: an access control model
Proceedings of the eleventh ACM symposium on Access control models and technologies
Privacy Preserving Trust Authorization Framework Using XACML
WOWMOM '06 Proceedings of the 2006 International Symposium on on World of Wireless, Mobile and Multimedia Networks
IEEE Transactions on Knowledge and Data Engineering
Role-Based Access Control, Second Edition
Role-Based Access Control, Second Edition
Building Trustworthy Semantic Webs
Building Trustworthy Semantic Webs
Secure and useful data sharing
Decision Support Systems
A strategic analysis of inter organizational information sharing
Decision Support Systems
Standards for secure data sharing across organizations
Computer Standards & Interfaces
Accessing information sharing and information quality in supply chain management
Decision Support Systems
Supply chain information sharing in a macro prediction market
Decision Support Systems
International Journal of Electronic Commerce
XACML Policy Integration Algorithms
ACM Transactions on Information and System Security (TISSEC)
Near-Term Prospects for Semantic Technologies
IEEE Intelligent Systems
Privacy and Identity Management
IEEE Security and Privacy
Securing Workflows with XACML, RDF and BPEL
Proceeedings of the 22nd annual IFIP WG 11.3 working conference on Data and Applications Security
Soa security
Electronic Commerce Research and Applications
A Design Science Research Methodology for Information Systems Research
Journal of Management Information Systems
A Model-Driven Approach for the Specification and Analysis of Access Control Policies
OTM '08 Proceedings of the OTM 2008 Confederated International Conferences, CoopIS, DOA, GADA, IS, and ODBASE 2008. Part II on On the Move to Meaningful Internet Systems
C-SPARQL: SPARQL for continuous querying
Proceedings of the 18th international conference on World wide web
SOA in reconfigurable supply chains: A research roadmap
Engineering Applications of Artificial Intelligence
Estimating the market impact of security breach announcements on firm values
Information and Management
Scenario-Driven Role Engineering
IEEE Security and Privacy
Deriving XACML policies from business process models
WISE'07 Proceedings of the 2007 international conference on Web information systems engineering
Enabling advanced and context-dependent access control in RDF stores
ISWC'07/ASWC'07 Proceedings of the 6th international The semantic web and 2nd Asian conference on Asian semantic web conference
Streaming SPARQL extending SPARQL to process data streams
ESWC'08 Proceedings of the 5th European semantic web conference on The semantic web: research and applications
The impact of business analytics on supply chain performance
Decision Support Systems
Aletheia--Improving Industrial Service Lifecycle Management by Semantic Data Federations
AINA '10 Proceedings of the 2010 24th IEEE International Conference on Advanced Information Networking and Applications
EP-SPARQL: a unified language for event processing and stream reasoning
Proceedings of the 20th international conference on World wide web
Design science in information systems research
MIS Quarterly
Engineering Policies for Secure Interorganizational Information Flow
EDOCW '11 Proceedings of the 2011 IEEE 15th International Enterprise Distributed Object Computing Conference Workshops
SGII: towards semantic grid-based enterprise information integration
GCC'05 Proceedings of the 4th international conference on Grid and Cooperative Computing
Hi-index | 0.00 |
A fundamental challenge for product-lifecycle management in collaborative value networks is to utilize the vast amount of product information available from heterogeneous sources in order to improve business analytics, decision support, and processes. This becomes even more challenging if those sources are distributed across multiple organizations. Federations of semantic information services, combining service-orientation and semantic technologies, provide a promising solution for this problem. However, without proper measures to establish information security, companies will be reluctant to join an information federation, which could lead to serious adoption barriers. Following the design science paradigm, this paper presents general objectives and a process for designing a secure federation of semantic information services. Furthermore, new as well as established security measures are discussed. Here, our contributions include an access-control enforcement system for semantic information services and a process for modeling access-control policies across organizations. In addition, a comprehensive security architecture is presented. An implementation of the architecture in the context of an application scenario and several performance experiments demonstrate the practical viability of our approach.