Semantic Interoperability of Authorizations

The shift from paper documents to their respective electronic formats is producing important advantages in the functioning of businesses and Public Administrations. However, this shift is often limited to the internal operation of each entity because of the lack of security in the electronic communication mechanisms. Traditionally, these entities have managed their Local Area Networks (LANs) or even Virtual Private Networks (VPNs) as isolated islands, where local identity-based authorization schemes were appropriate. But the trend towards paperless procedures leads to the need for these entities to interoperate. As an advance, extranets were proposed to connect entities that share common goals in a way that automates their administrative interactions using Internet technology. However, the limited authorization and access control capabilities provided by extranets are a major drawback for their application in open and heterogeneous scenarios. Trust appears as the main issue to address in order to achieve secure interoperation of different independent entities. This paper presents a solution to this problem, based on the use of Privilege Management Infrastructures (PMIs) and the semantic description of the different authorization entities.