Skip to main content
SpringerLink
Log in

Recognition of Authority in Virtual Organisations

  • Conference paper
Trust, Privacy and Security in Digital Business (TrustBus 2007)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 4657))

Abstract

A Virtual Organisation (VO) is a temporary alliance of autonomous, diverse, and geographically dispersed organisations, where the participants pool resources, information and knowledge in order to meet common objectives. This requires dynamic security policy management. We propose an authorisation policy management model called recognition of authority (ROA) which allows dynamically trusted authorities to adjust the authorisation policies for VO resources. The model supports dynamic delegation of authority, and the expansion and contraction of organizations in a VO, so that the underlying authorisation system is able to use existing user credentials issued by participating organisations to evaluate the user’s access rights to VO resources.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Chadwick, D., Otenko, S.: The permis x.509 role based privilege management infrastructure. In: Proceedings of 7th ACM Symoisium on Access Control Models and Technologies (SACMAT 2002), ACM Press, New York (2002)

    Google Scholar 

  2. Chadwick, D., Zhao, G., Otenko, S., Laborde, R., Su, L., Nguyen, T.A.: Building a modular authorization infrastructure. In: Fifth All Hands Meeting. UK e-science, Achievements, Challenges & New Opportunities (September 2006)

    Google Scholar 

  3. Chadwick, D.W, Otenko, S., Nguyen, T.A.: Adding support to xacml for dynamic delegation of authority in multiple domains. In: 10th IFIP Open Conference on Communications and Multimedia Security, Heraklion Crete (2006)

    Google Scholar 

  4. Erdos, M., Cantor, S.: Shibboleth-architecture draft v05. Technical report, Internet2 (May 2002)

    Google Scholar 

  5. Ferraiolo, D.F., Sandhu, R., Gavrila, S., Kuhn, D.R., Chandramouli, R.: Proposed nist standard for role-based access control. ACM Transactions on Information and System Security 4(3), 224–274 (2001)

    Article  Google Scholar 

  6. Firozabadi, B.S., Olsson, O., Rissanen, E.: Managing authorisations in dynamic coalitions. Swedish Institute of Computer Science (2003)

    Google Scholar 

  7. Kagal, L., Finin, T., Peng, Y.: A delegation based model for distributed trust. In: Proceedings of the IJCAI01 Workshop on Autonomy, Delegation and Control: Interacting with Autonomous Agent, Seattle, pp. 73–80 (2001)

    Google Scholar 

  8. Kang, M.H., Park, J.S., Froscher, J.N.: Access control mechanisms for inter-organizational workflow. In: The sixth ACM symposium on Access control models and technologies, Chantilly, Virginia, United States, pp. 66–74. ACM Press, New York (2001)

    Chapter  Google Scholar 

  9. Li, N., Mitchell, J.C., Winsborough, W.H.: Design of a role-based trust-management framework. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy, pp. 114–130. IEEE Computer Society Press, Los Alamitos (2002)

    Google Scholar 

  10. Li, N., Mitchell, J.C., Winsborough, W.H.: Distributed credential chain discovery in trust management. Journal of Computer Security, 35–86 (2003)

    Google Scholar 

  11. Moffett, J.D., Sloman, M.S.: Policy hierarchies for distributed systems management. IEEE Journal on Selected Areas in Communications 11(9), 1404–1414 (1993)

    Article  Google Scholar 

  12. Mukkamala, R., Atluri, V., Warner, J., Abbadasari, R.: A distributed coalition service registry for ad-hoc dynamic coalitions: A service-oriented approach. In: Damiani, E., Liu, P. (eds.) Data and Applications Security XX. LNCS, vol. 4127, pp. 209–223. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  13. Nguyen, T.-A., Su, L., Inman, G., Chadwick, D.: Flexible and manageable delegation of authority in rbac. In: Proceedings of The IEEE Ubisafe 2007, Ontario, Canada, 21-23 May 2007, IEEE Computer Society Press, Los Alamitos (2007)

    Google Scholar 

  14. Park, J.S., Costello, K.P., Neven, T.M., Diosomito, J.A.: A composite rbac approach for large, complex organizations. In: ACM SACMAT 2004, Yorktown Heights, New York, ACM Press, New York (2004)

    Google Scholar 

  15. Pearlman, L., Welch, V., Foster, I., Kesselman, C., Tuecke, S.: Community authorization service for group collaboration. In: IEEE 3rd International Workshop on Policies for Distributed Systems and Networks (2002)

    Google Scholar 

  16. Sandhu, R., Bhamidipati, V., Munawer, Q.: The arbac97 model for role-based administration of roles. ACM Transactions on Information and System Security 2(1), 105–135 (1999)

    Article  Google Scholar 

  17. Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models, 29(2), 38–47 (1996)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Kent, Canterbury, England

    Tuan-Anh Nguyen, David Chadwick & Bassem Nasser

Authors
  1. Tuan-Anh Nguyen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. David Chadwick
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Bassem Nasser
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Costas Lambrinoudakis Günther Pernul A Min Tjoa

Rights and permissions

Reprints and permissions

Copyright information

© 2007 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Nguyen, TA., Chadwick, D., Nasser, B. (2007). Recognition of Authority in Virtual Organisations. In: Lambrinoudakis, C., Pernul, G., Tjoa, A.M. (eds) Trust, Privacy and Security in Digital Business. TrustBus 2007. Lecture Notes in Computer Science, vol 4657. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-74409-2_3

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-74409-2_3

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-74408-5

  • Online ISBN: 978-3-540-74409-2

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation