Virtual enterprise access control requirements

Current developments in IT point towards the formation of loosely coupled enterprises, often referred to as virtual enterprises. These enterprises require both secure and flexible collaboration between unrelated information systems. Web services technology can be used as an ideal platform for realising virtual enterprises through its ease of integration, flexibility, and support of XML vocabularies. To ensure the successful implementation of Web services within virtual enterprises, new approaches to security are required. Together with authentication, access control has been seen as a pillar of IT security approaches. The focus of this paper will be to determine requirements that could play a role when the access control policies of such enterprises are defined.
