论文信息 - Controls for Interorganization Networks

Controls for Interorganization Networks

Interorganization computer networks support person-to-person communication via electronic mail; exchange of cad/cam data, software modules, or documents via file transfer; input to an order-entry or accounting system via a database query and update protocol; and use of shared computational resources via an asynchronous message protocol or remote login. In most such interorganization arrangements, the set of resources that an organization wants to make accessible to outsiders is significantly smaller than the set of resources that it wants to remain strictly-internal (i.e., accessible to employees of the organization only). In addition, because the potential user is a person (or machine) outside the boundaries of the organization, the damage associated with undesired use can be high. Because of these characteristics, Interorganization Networks (ION's) have unique usage-control requirements.

Deborah Estrin

[1] Carl E. Landwehr,et al. A security model for military message systems , 1984, TOCS.

[2] Deborah Estrin. Inter-organization networks: implications of access control: requirements for interconnection protocol , 1986, SIGCOMM '86.

[3] K. J. Bma. Integrity considerations for secure computer systems , 1977 .

[4] Leo Joseph Rotenberg,et al. Making computers keep secrets , 1973 .

[5] Deborah Estrin. Non-Discretionary Controls for Inter-Organization Networks , 1985, 1985 IEEE Symposium on Security and Privacy.

[6] Steven B. Lipner,et al. Non-Discretionery Controls for Commercial Applications , 1982, 1982 IEEE Symposium on Security and Privacy.

[7] Roger M. Needham,et al. Using encryption for authentication in large networks of computers , 1978, CACM.

[8] P. A. Karger. NON-DISCRETIONARY ACCESS CONTROL FOR DECENTRALIZED COMPUTING SYSTEMS , 1977 .

[9] Deborah Estrin,et al. Access to inter-organization computer networks , 1986, COCS '86.