A security framework for dynamic collaborative working environments

Moving away from simple data sharing within the science community towards cross-organizational collaboration scenarios significantly increased challenges related to security and privacy. They need to be addressed in order to make cross-organizational applications such as collaborative working environments a business proposition within communities such as eHealth, construction or manufacturing. Increasingly distributed scenarios where many different types of services need to be combined in order to implement semantically enriched business processes demand new approaches to security within such dynamic Virtual Organizations. The allocation of access rights need to be possible in an easy and controlled way in order to allow inexperienced users to maintain the information and ensure compliance e.g. with legal and privacy related regulations. In this paper the focus is how security concepts originating from the Grid domain have been applied for collaborative working environments. The chosen scenarios are a Virtual Laboratory for Infectious Diseases (ViroLab) and different collaborative environments from the engineering domain as defined within the CoSpaces project. The requirements from these scenarios are analyzed and a security model enabling such dynamic, secure and trustworthy collaborations is presented.

[1]  Bartosz Balis,et al.  Virtual Laboratory for Development and Execution of Biomedical Collaborative Applications , 2008, 2008 21st IEEE International Symposium on Computer-Based Medical Systems.

[2]  Jianhua Shao,et al.  Privacy and e-commerce: a consumer-centric perspective , 2007, Electron. Commer. Res..

[3]  Christian Geuer-Pollmann,et al.  Web services and web service security standards , 2005, Inf. Secur. Tech. Rep..

[4]  David W. Chadwick,et al.  The TrustCoM Approach to Enforcing Agreements between Interoperating Enterprises , 2006, I-ESA.

[5]  Leon Gommans,et al.  Using Workflow for Dynamic Security Context Management in Grid-based Applications , 2006, 2006 7th IEEE/ACM International Conference on Grid Computing.

[6]  Giandomenico Spezzano,et al.  Dissemination of Information with Fair Load Distribution in Self-organizing Grids , 2008, ANTS Conference.

[7]  Himanshu Khurana,et al.  A model for access negotiations in dynamic coalitions , 2004, 13th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises.

[8]  Alexander Kipp,et al.  Supporting collaborative engineering using an intelligent web service middleware , 2008, Adv. Eng. Informatics.

[9]  Stefan Wesner Towards an Architecture for the Mobile Grid (Architektur für ein Mobiles Grid) , 2005, it Inf. Technol..

[10]  Alexander Kipp,et al.  A Secure Infrastructure for Dynamic Collaborative Working Environments , 2007, GCA.

[11]  Sanjeev Khanna,et al.  Data Provenance: Some Basic Issues , 2000, FSTTCS.

[12]  Arun Kumar,et al.  Context sensitivity in role-based access control , 2002, OPSR.

[13]  G. D. de Moor,et al.  Privacy Enhancing Techniques , 2003, Methods of Information in Medicine.

[14]  Marian Bubak,et al.  From molecule to man: Decision support in individualized E-health , 2006, Computer.

[15]  Marty Humphrey,et al.  Policy and enforcement in virtual organizations , 2003, Proceedings. First Latin American Web Congress.

[16]  Munindar P. Singh,et al.  Distributed Reputation Management for Electronic Commerce , 2002, Comput. Intell..

[17]  Miriam Cunningham,et al.  Collaboration and the knowledge economy : issues, applications, case studies , 2008 .

[18]  Elisa Bertino,et al.  Establishing and protecting digital identity in federation systems , 2005, DIM '05.