2009 IEEE International Conference on Cloud Computing (2009)
Sept. 21, 2009 to Sept. 25, 2009
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/CLOUD.2009.55
Modern distributed systems require collaborations between individual organizations. The collaborations consist of complex relationships and interactions among distinct administrative domains. Different forms of collaboration can be implemented. As a result, different security control requirements emerge. For example, service propagation requires all collaborating partners to have compatible authorization policies. On the other hand, integratable policies are required for organizations who intend to engage in service composition. Therefore, a thorough understanding of different collaboration patterns is a prerequisite for secure inter-organizational collaboration. In this paper, we define basic inter-organizational collaboration patterns and propose Collaboration Policies that outline requirements for collaboration partners in each collaboration pattern in terms of authorization policy consistency.
Business collaboration, access control, policy inconsistency
J. Yang and D. D. He, "Understand Collaborative Authorization Policies: Models and Specifications," 2009 ICSE Workshop on Software Engineering Challenges of Cloud Computing (CLOUD 2009)(CLOUD), Vancouver, BC, 2009, pp. 206-213.