论文信息 - Self Protecting Data for De-perimeterised Information Sharing

Self Protecting Data for De-perimeterised Information Sharing

The emergence of high-speed networks, Grid Computing, Service-Oriented Architectures, and an ever increasing ambient connection to mobile Internet has enabled an underpinning infrastructure for the development of dynamically formed, collaborative working groups known as Virtual Organizations (VOs). VOs provide strong motivation for investigation into the infrastructure, and in particular the security necessary to protect the information and resources shared within a VO, both while resident on local machines and when allowed to move beyond the secure boundary of a local organizational network perimeter and into the realm of the distributed VO. Traditional access control systems are perimeter-centric, meaning they apply the controls to both internal and external requests for access to information within or at the perimeter of their information system. This paper presents the initial results of the JISC funded SPIDER project, being led by Cardiff University. Through case based example, the research investigates the limitations to granularity and persistent control over information when using the perimeter-centric approach in a collaborative working environment.

Pete Burnap | Jeremy Hilton | P. Burnap | J. Hilton | Jeremy Hilton

[1] Sabrina De Capitani di Vimercati,et al. A fine-grained access control system for XML documents , 2002, TSEC.

[2] Ian Foster,et al. The Grid 2 - Blueprint for a New Computing Infrastructure, Second Edition , 1998, The Grid 2, 2nd Edition.

[3] Ian T. Foster,et al. The anatomy of the grid: enabling scalable virtual organizations , 2001, Proceedings First IEEE/ACM International Symposium on Cluster Computing and the Grid.

[4] Ákos Frohner,et al. VOMS, an Authorization System for Virtual Organizations , 2003, European Across Grids Conference.

[5] Reihaneh Safavi-Naini,et al. Digital Rights Management for Content Distribution , 2003, ACSW.

[6] Ian T. Foster,et al. The Anatomy of the Grid: Enabling Scalable Virtual Organizations , 2001, Int. J. High Perform. Comput. Appl..

[7] Elisa Bertino,et al. On specifying security policies for web documents with an XML-based language , 2001, SACMAT '01.

[8] Arie Shoshani,et al. The Grid 2: Blueprint for a New Computing Infrastructure (2nd edition), , 2003 .

[9] David W. Chadwick,et al. The PERMIS X.509 role based privilege management infrastructure , 2002, SACMAT '02.