Interoperability of Context Based System Policies Using O2O Contract

The evolution of today's markets and the high volatility of business requirements put an increasing emphasis on the ability of systems to accommodate the changes required by new organizational needs while continuing to satisfy security objectives. This is even more true in the case of collaboration and interoperability between different organizations, and thus between their information systems. Usual solutions either do not anticipate interoperability security requirements or do so in an unsatisfactory way. In this paper, we propose contract and compatibility principles to achieve secure interoperation. Contracts are used to explicitly represent the rules that determine how interaction between organizations must be controlled to ensure secure access to resources. Compatibility relations make it possible to derive interoperability security policies.
