A distributed mechanism for secure collaboration in digital ecosystems

In this paper, we investigate the effectiveness and appropriateness of several existing security mechanisms for a Digital Ecosystem (DE) environment. DE is characterized as an open and dynamic environment where the interaction and collaboration between its entities are highly promoted. A major requirement to promote such intensive interaction and collaboration is the ability to secure and uphold the confidentiality, integrity and non-repudiation of shared resources and information. However, current developments of such security mechanisms for protecting the shared resources are still in their infancy. Most of the proposed protection frameworks do not provide a scalable and effective mechanism for engaging multiple interacting entities to protect their resources. This is even a greater issue when multiple resources are exchanged and shared in an open and dynamic environment such as DE. Therefore, we propose a distributed mechanism for enterprises to manage their authentication and authorization processes with an aim to provide a rigorous protection of entities' resources.

[1]  Habiba Drias,et al.  A secure e-transaction model for e-commerce , 2006, 2006 IEEE GCC Conference (GCC).

[2]  Robert D. Silverman A Cost-Based Security Analysis of Symmetric and Asymmetric Key Lengths RSA Labs bulletin , 2000 .

[3]  Steven Tuecke,et al.  An online credential repository for the Grid: MyProxy , 2001, Proceedings 10th IEEE International Symposium on High Performance Distributed Computing.

[4]  Gerard Briscoe,et al.  Digital Ecosystems: Evolving Service-Orientated Architectures , 2006, 2006 1st Bio-Inspired Models of Network, Information and Computing Systems.

[5]  J.-M. Seigneur Demonstration of security through collaboration in the digital business ecosystem , 2005, Workshop of the 1st International Conference on Security and Privacy for Emerging Areas in Communication Networks, 2005..

[6]  William E. Johnston,et al.  Certificate-based Access Control for Widely Distributed Resources , 1999, USENIX Security Symposium.

[7]  W. Chou Inside SSL: the secure sockets layer protocol , 2002 .

[8]  H. Boley,et al.  Digital Ecosystems: Principles and Semantics , 2007, 2007 Inaugural IEEE-IES Digital EcoSystems and Technologies Conference.

[9]  Li Ye-bai,et al.  Research and Implementation of Key Technology Based on Internet Encryption and Authentication , 2009, 2009 International Conference on Networking and Digital Society.

[10]  Geoff Skinner,et al.  Digital ecosystem access control management , 2009 .

[11]  Xin Tian,et al.  Study on Information Management and Security of E-commerce System , 2010, 2010 International Symposium on Intelligence Information Processing and Trusted Computing.

[12]  C. M. Sperberg-McQueen,et al.  Extensible Markup Language (XML) , 1997, World Wide Web J..

[13]  Ian T. Foster,et al.  A community authorization service for group collaboration , 2002, Proceedings Third International Workshop on Policies for Distributed Systems and Networks.

[14]  Hristo Koshutanski,et al.  Distributed Identity Management Model for Digital Ecosystems , 2007, The International Conference on Emerging Security Information, Systems, and Technologies (SECUREWARE 2007).

[15]  Geoff Skinner,et al.  Managing enterprise authentication and authorization permissions in digital ecosystem , 2009, 2009 3rd IEEE International Conference on Digital Ecosystems and Technologies.

[16]  Joel Weise-Sunps,et al.  Public Key Infrastructure Overview , 2001 .

[17]  Thomas Grechenig,et al.  A joint infrastructure of “digital corporate organisms” as facilitator for a virtual digital retail ecosystem , 2010 .

[18]  John Hughes,et al.  Security Assertion Markup Language (SAML) 2.0 Technical Overview , 2004 .

[19]  Philip R. Zimmermann,et al.  The official PGP user's guide , 1996 .