论文信息 - Content oriented virtual domains for secure information sharing across organizations

Content oriented virtual domains for secure information sharing across organizations

Secure information sharing across different organizations is an emerging issue for collaborative software development, product design, etc. Virtual domains have been proposed for this issue so far. A virtual domain is a collaborative workspace comprising virtual computer resources dedicated to a particular collaborative activity, and it is subject to information sharing policies that restrict the scope of information sharing within the domain. This paper proposes a method of constructing Content Oriented Virtual Domains, which leverages existing common services such as e-mail, Web, and file servers, therefore enabling us to construct a secure collaborative workspace at lower cost than existing methods that require such services to be reconstructed in the same domain. This paper also shows an experimental implementation of the method and its performance evaluation results.

Takayuki Sasaki | Ryuichi Ogawa | Masayuki Nakae

[1] Bernhard Jansen,et al. Trusted Virtual Domains: Secure Foundations for Business and IT Services , 2005 .

[2] Michiharu Kudo,et al. Chinese-wall process confinement for practical distributed coalitions , 2007, SACMAT '07.

[3] Ravi S. Sandhu,et al. Toward a Usage-Based Security Framework for Collaborative Computing Systems , 2008, TSEC.

[4] Ahmad-Reza Sadeghi,et al. European Multilateral Secure Computing Base - Open Trusted Computing for You and Me , 2004 .

[5] Stefan Berger,et al. Building a MAC-based security architecture for the Xen open-source hypervisor , 2005, 21st Annual Computer Security Applications Conference (ACSAC'05).

[6] Hiroshi Maruyama,et al. Bridging the Gap Between Inter-communication Boundary and Internal Trusted Components , 2006, ESORICS.

[7] Ahmad-Reza Sadeghi,et al. Flexible and secure enterprise rights management based on trusted virtual domains , 2008, STC '08.

[8] Heng Yin,et al. Building an Application-Aware IPsec Policy System , 2005, IEEE/ACM Transactions on Networking.

[9] Trent Jaeger,et al. Attestation-based policy enforcement for remote access , 2004, CCS '04.