Abstract
Current challenges on the markets cause companies to interact with one another and strive after becoming members of virtual organizations assuming that in doing so they can achieve sustainable competitiveness and remain successful despite increased competition. This new openness has strong implications and poses intense demands on organizations’ security systems. In this paper we present architectural considerations and our concept of a security infrastructure to cope with these challenges. The presented approach aims at minimizing the leadtime before usage of external services can start by employing a security intermediary for mediation purposes.
The research leading to these results is receiving funding from the European Community’s Seventh Framework Programme under grant agreement no. 217098. The content of this publication is the sole responsibility of the authors and in no way represents the view of the European Commission or its services.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
International Organization for Standardization (ISO): Information Technology - Open Systems Interconnection - Security Frameworks in Open Systems - Part 3: Access Control. ISO/IEC 10181-3 (1996)
Ahsant, M., Gonzalez, E.T., Basney, J.: Security Credential Mapping in Grids. In: Proc. of the 4th International Conference on Availability, Reliability and Security (ARES’09), pp. 481–486 (2009)
AT&T: Collaboration across borders: An AT&T survey and white paper in co-operation with the Economist Intelligence Unit (2008)
Aziz, B., Arenas, A., Martinelli, F., Matteucci, I., Mori, P.: Controlling Usage in Business Process Workflows through Fine-Grained Security Policies. In: Furnell, S.M., Katsikas, S.K., Lioy, A. (eds.) TrustBus 2008. LNCS, vol. 5185, pp. 100–117. Springer, Heidelberg (2008)
Belsis, P., Gritzalis, S., Skourlas, C., Tsoukalas, V.: Design and Implementation of Distributed Access Control Infrastructures for Federations of Autonomous Domains. In: Lambrinoudakis, C., Pernul, G., Tjoa, A.M. (eds.) TrustBus 2007. LNCS, vol. 4657, pp. 125–134. Springer, Heidelberg (2007)
Bertino, E., Martino, L.D.: A Service-oriented Approach to Security - Concepts and Issues. In: Proc. of the 8th International Symposium on Autonomous Decentralized Systems (ISADS’07), pp. 7–16 (2007)
Broser, C., Fritsch, C., Gmelch, O., Pernul, G., Schillinger, R., Wiesbeck, S.: Analyzing Requirements for Virtual Business Alliances - the Case of SPIKE. In: Proc. of the International ICST Conference on Digital Business, DigiBiz 2009 (2009)
Chang, S.H., La, H.J., Bae, J.S., Jeon, W.Y., Kim, S.D.: Design of a Dynamic Composition Handler for ESB-based Services. In: Proc. of the IEEE International Conference on e-Business Engineering (ICEBE ’07), pp. 287–294 (2007)
D’Mello, D.A., Ananthanarayana, V.S.: Quality Driven Web Service Selection and Ranking. In: Proc. of the 5th International Conference on Information Technology: New Generations (ITNG ’08), pp. 1175–1176 (2008)
Eid, T.: Gartner Research: Gartner Says Worldwide Web Conference and Team Collaboration Software Markets Will Reach $2.8 Billon in 2010 (2007)
Gutiérrez, C., Fernández-Medina, E., Piattini, M.: Web Services Security: Is the Problem Solved? In: Proc. of the 2nd International Workshop on Security In Information Systems (WOSIS 2004), pp. 293–304 (2004)
Hebig, R.N., Meinel, C., Menzel, M., Thomas, I., Warschofsky, R.: A Web Service Architecture for Decentralised Identity- and Attribute-based Access Control. In: Proc. of the 7th IEEE International Conference on Web Services (ICWS’09), pp. 551–558 (2009)
van Heck, E., Vervest, P.: Smart Business Networks: How the Network Wins. Communications of the ACM 50(6), 28–37 (2007)
Hoellrigl, T., Dinger, J., Hartenstein, H.: FedWare: Middleware Services to Cope with Information Consistency in Federated Identity Management. In: Proc. of the 5th International Conference on Availability, Reliability and Security (ARES ’10), pp. 228–235 (2010)
Iyer, B., Freedman, J., Gaynor, M., Wyner, G.: Web Services: Enabling Dynamic Business Networks. Communications of the AIS 11, 525–554 (2003)
Kasper-Fuehrer, E., Ashkanasy, N.: The Interorganisational Virtual Organisation: Defining a Weberian Ideal. International Studies of Management & Organisation 33, 34–64 (2003)
Lawson, R., Hol, A., Hall, T.: Challenges of eCollaboration among SMEs. In: Proc. of the 20th Bled eConference: eMergence (2007)
Lopez, J., Oppliger, R., Pernul, G.: Authentication and Authorization Infrastructures (AAIs): A Comparative Survey. Computers & Security 23, 578–590 (2004)
Moses, T.: eXtensible Access Control Markup Language (XACML) Version 2.0. OASIS Standard (2005)
Opincaru, C., Gheorghe, G.: Service Oriented Security Architecture. Enterprise Modelling and Information Systems Architectures Journal 4(1), 39–48 (2009)
Pretschner, A., Massacci, F., Hilty, M.: Usage Control in Service-Oriented Architectures. In: Lambrinoudakis, C., Pernul, G., Tjoa, A.M. (eds.) TrustBus 2007. LNCS, vol. 4657, pp. 83–93. Springer, Heidelberg (2007)
Ten-Hove, R., Walker, P.: Java Business Integration (JBI) 1.0. Java Specification Request 208 (2005)
Winslett, M., Lee, A.J., Perano, K.J.: Trust Negotiation: Authorization for Virtual Organizations. In: Proc. of the 5th Annual Workshop on Cyber Security and Information Intelligence Research (CSIIRW ’09). pp. 1–4 (2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Fritsch, C., Pernul, G. (2010). Security for Dynamic Service-Oriented eCollaboration. In: Katsikas, S., Lopez, J., Soriano, M. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2010. Lecture Notes in Computer Science, vol 6264. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-15152-1_19
Download citation
DOI: https://doi.org/10.1007/978-3-642-15152-1_19
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-15151-4
Online ISBN: 978-3-642-15152-1
eBook Packages: Computer ScienceComputer Science (R0)