Collaboration Security for Modern Information Systems

One of the main approaches to accessing heterogeneous data is the use of a mediation framework. The current problem with mediation systems is that they are viewed as black boxes from the perspective of their clients: once clients enter their data, they are unable to control access to it by entities within the mediation system. In this paper we present a solution in the form of a security framework, named the Collaboration Security Framework, that addresses the need of all entities, i.e. external clients, mediators or data sources, to have autonomy in applying security policies during collaboration. As a result, all entities participating in a collaboration have control over access to their data by applying local, global and collaboration channel security rules, which can be changed at runtime and are security-model independent.
