A Policy Driven Authorization Control Framework for Business Collaboration

Business collaboration is about coordinating the flow of information among organizations and linking their business processes. However unique and challenging security issues concerning business collaboration in the context of SOC have arisen because of its dynamic and loosely coupling nature. In this paper we firstly identify elements for security policy specification. We then discuss different types of collaboration patterns based on which rules for security policy integration can be developed. A framework is developed for handling authorization control for business collaboration. The discussion in the paper is based on the collaboration scenarios in health care.