Secure resource sharing on cross-organization collaboration using a novel trust method

Authors:
Tsung-Yi Chen;Yuh-Min Chen;Chin-Bin Wang;Hui-Chuan Chu;Huimei Yang
Affiliations:
Institute of Manufacturing Engineering, National Cheng Kung University, Tainan, Taiwan and Electronic Comerence Management Department, Nan Hua University, Chia-Yi, Taiwan;Institute of Manufacturing Engineering, National Cheng Kung University, Tainan, Taiwan;Electronic Comerence Management Department, Nan Hua University, Chia-Yi, Taiwan;National University of Tainan, Tainan, Taiwan;Department of Business Administration, Tatung Institute of Commerce and Technology, Chia-Yi, Taiwan, ROC
Venue:
Robotics and Computer-Integrated Manufacturing
Year:
2007

Citing 15
Cited 4

Information sharing and security in dynamic coalitions

SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Automated cross-organisational trust establishment on extranets

ITVE '01 Proceedings of the workshop on Information technology for virtual enterprises
Designing Role Hierarchies for Access Control in Workflow Systems

COMPSAC '01 Proceedings of the 25th International Computer Software and Applications Conference on Invigorating Software Development
Supporting information access rights and visibility levels in virtual enterprises

Proceedings of the IFIP TC5/WG5.3 Second IFIP Working Conference on Infrastructures for Virtual Organizations: Managing Cooperation in Virtual Organizations and Electronic Busimess towards Smart Organizations: E-Business and Virtual Enterprises: Managing Business-to-Business Cooperation
An administration concept for the enterprise role-based access control model

Proceedings of the eighth ACM symposium on Access control models and technologies
Role-based access control for collaborative enterprise in peer-to-peer computing environments

Proceedings of the eighth ACM symposium on Access control models and technologies
A Model for Attribute-Based User-Role Assignment

ACSAC '02 Proceedings of the 18th Annual Computer Security Applications Conference
Trust for Ubiquitous, Transparent Collaboration

PERCOM '03 Proceedings of the First IEEE International Conference on Pervasive Computing and Communications
Specification and Classification of Role-based Authorization Policies

WETICE '03 Proceedings of the Twelfth International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises
Administration of an RBAC System

HICSS '04 Proceedings of the Proceedings of the 37th Annual Hawaii International Conference on System Sciences (HICSS'04) - Track 7 - Volume 7
Using trust and risk in role-based access control policies

Proceedings of the ninth ACM symposium on Access control models and technologies
A Trust based Access Control Framework for P2P File-Sharing Systems

HICSS '05 Proceedings of the Proceedings of the 38th Annual Hawaii International Conference on System Sciences - Volume 09
Beyond proof-of-compliance: security analysis in trust management

Journal of the ACM (JACM)
Component based trust management in the context of a virtual organization

Proceedings of the 2005 ACM symposium on Applied computing
Study on information sharing in supply chain

ICEC '05 Proceedings of the 7th international conference on Electronic commerce

Knowledge sharing in virtual enterprises via an ontology-based access control approach

Computers in Industry
A security policy framework for context-aware and user preferences in e-services

Journal of Systems Architecture: the EUROMICRO Journal
Managing invisible users in interactive networked collaborative environment

CIT'11 Proceedings of the 5th WSEAS international conference on Communications and information technology
Peer enterprises: design and implementation of a cross-organisational peer-to-peer framework

International Journal of Communication Networks and Distributed Systems

Quantified Score

Hi-index	0.00

Visualization

Abstract

A virtual enterprise (VE) consists of a network of independent, geographically dispersed administrative business domains that collaborate with each other by sharing business processes and resources across enterprises to provide a value-added service to customers. Therefore, the success of a VE relies on full information transparency and appropriate resource sharing, making security and trust among subjects significant issues. Trust evaluation to ensure information security is most complicated in a VE involving cross-organization collaboration. This study presents a virtual enterprise access control (VEAC) model to enable resource sharing for collaborative operations in the VE. A scenario for authentication and authorization in the life cycle of a VE is then described to identify the main activities for controlling access. Also developed herein is a trust evaluation method based on the VEAC model to improve its security while safeguarding sensitive resources to support collaborative activities. The trust evaluation method involves two trust evaluation sub-models, one to evaluate the level of trust between two virtual enterprise roles, and another to measure the level of trust between two projects. The two sub-models support each other to make resource-sharing decisions, and are developed based on the concepts of direct, indirect, and negative trust factors. Finally, an example of measuring the trust between two subjects is demonstrated after introducing the two sub-models. The VEAC-based trust evaluation method enables the following: (1) secure resource sharing across projects and enterprises, (2) collaborative operation among participating workers, (3) increased information transparency and (4) lowered information delay in VEs.