Research article. DOI: 10.1145/1868470.1868474

An interoperation framework for secure collaboration among organizations

Published: 02 November 2010

Abstract

In this paper we propose a framework for supporting interoperation between access control systems of different organizations in a collaborative environment. We assume that each organization regulates access to resources using the role-based access control (RBAC) model. We define the scope of collaboration as the set of shared resources, of shared operations that those resources can execute, and of roles that can execute those operations. We address collaborative scenarios in which the scope of collaboration changes based on autonomous sharing policies of each organization. We assume that resources are mobile and that their operations can be executed only at the location in which they reside. Our framework supports queries about the location of resources, the operations that those resources can execute, and the access rights that allow the execution of those operations. In order to support this type of query, the RBAC policies of the collaborating organizations are integrated into a global RBAC policy that acts as a mediator. Our framework uses the Web Ontology Language (OWL) to represent: 1) the global RBAC policy; 2) the local RBAC policies belonging to different organizations; and 3) relationships between the global and local RBAC policies.

Cited By

  • (2013) Semantic agent system for automatic mobilization of distributed and heterogeneous resources. Proceedings of the 3rd International Conference on Web Intelligence, Mining and Semantics, pages 1-9. DOI: 10.1145/2479787.2479810. Online publication date: 12-Jun-2013
  • (2011) Conflict Detection Model of Access Control Policy in Collaborative Environment. Proceedings of the 2011 International Conference on Computational and Information Sciences, pages 377-381. DOI: 10.1109/ICCIS.2011.112. Online publication date: 21-Oct-2011

Published In

SPRINGL '10: Proceedings of the 3rd ACM SIGSPATIAL International Workshop on Security and Privacy in GIS and LBS
November 2010
76 pages
ISBN:9781450304351
DOI:10.1145/1868470

Publisher

Association for Computing Machinery

New York, NY, United States

Author Tags

  1. data integration
  2. location based services
  3. secure collaboration

Qualifiers

  • Research-article

Conference

GIS '10