Access control: What is required in business collaboration?

Daisy Daiqin He*, Michael Compton, Kerry Taylor, Jian Yang

*Corresponding author for this work

Research output: Chapter in Book/Report/Conference proceedingConference proceeding contributionpeer-review

1 Citation (Scopus)

Abstract

Access control has been studied for sometime, and there are a number of theories and techniques for handling access control for single or centralised systems; however, unique and challenging security issues concerning collaboration in the context of service oriented computing (SOC) have arisen due to the dynamic and loosely coupled nature of the environment in which these collaborations are conducted. Individual organisations usually dene their access control policies independently. When a collaboration opportunity arrives, a number of problems arise, such as: determining if the collaboration is possible given the access control policies, dening the policy for the collaboration and deciding under what conditions a service is allowed to be forwarded to other parties. Furthermore, different types of collaboration, in terms of the way collaboration is carried out, require different access control support. In this paper, we propose a model encoded in description logic to capture all the necessary elements for specifying access control policy for collaboration. Based on the model, various inconsistencies between access policies from different business units are identied. The paper also shows how a description logic reasoner can be used to prove that two policies are suitable, or not suitable, for collaboration. The policy model and policies are encoded in a SROIQ knowledge base. Although access control policies focus on a single system or a single business party's requirements, the method presented in this paper allows a logical analysis of the suitability of potential collaboration partners. We believe this work is laying a foundation for access policy development, negotiation and enforcement for crossorganization collaborations.

Original languageEnglish
Title of host publicationDatabase Technologies 2009
Subtitle of host publicationProceedings of the 20th Australasian Database Conference (ADC 2009)
EditorsAthman Bouguettaya, Xuemin Lin
Place of PublicationAustralia
PublisherAustralian Computer Society
Pages105-114
Number of pages10
ISBN (Print)9781920682736
Publication statusPublished - 2009
EventAustralasian Database Conference - Wellington, New Zealand
Duration: 20 Jan 200923 Jan 2009

Publication series

NameConferences in Research and Practice in Information Technology (CRPIT)
PublisherAustralian Computer Society
Volume92
ISSN (Print)1445-1336

Conference

ConferenceAustralasian Database Conference
CityWellington, New Zealand
Period20/01/0923/01/09

Fingerprint

Dive into the research topics of 'Access control: What is required in business collaboration?'. Together they form a unique fingerprint.

Cite this