Toward Comprehensive Security Policy Governance in Collaborative Enterprise
作者: Ziyi Su , Frédérique Biennier
DOI: 10.1007/978-3-642-33980-6_39
关键词:
摘要: The lack of trust among software services spanning multiple organisations and the rather poor adaptability level current security policies are often seen as braking forces to collaborative-enterprise development. Removing this impediment involves re-thinking policy according “due usage” requirements setting enforcement regulations both due usage runtime environment. This paper analyzes nature secured assets exchange management in collaborative enterprise, describing sharing patterns and, accordingly, ‘sub-context’ partition method. Resource protection can be done by applying a ‘collaborative control model’ on each manage during service/information aggregation. In way, compendious but comprehensive governance for enterprise is achieved.
archives-ouvertes.fr
springer.com
sci-hub.st 参考文章(17)
Thierry Sans, Frédéric Cuppens, Nora Cuppens-Boulahia, FORM: a federated rights expression model for open DRM frameworks ASIAN'06 Proceedings of the 11th Asian computing science conference on Advances in computer science: secure software and related issues. pp. 45- 59 ,(2006) , 10.1007/978-3-540-77505-8_5
A. Matheus, How to Declare Access Control Policies for XML Structured Information Objects using OASIS' eXtensible Access Control Markup Language (XACML) hawaii international conference on system sciences. pp. 168- ,(2005) , 10.1109/HICSS.2005.300
Joseph Migga Kizza, Computer Network Security ,(2005)
Nizar Kheir, Hervé Debar, Frédéric Cuppens, Nora Cuppens-Boulahia, Jouni Viinikka, A Service Dependency Modeling Framework for Policy-Based Response Enforcement Detection of Intrusions and Malware, and Vulnerability Assessment. pp. 176- 195 ,(2009) , 10.1007/978-3-642-02918-9_11
Hervé Debar, Nizar Kheir, Nora Cuppens-Boulahia, Frédéric Cuppens, Service dependencies in information systems security mathematical methods models and architectures for network security systems. pp. 1- 20 ,(2010) , 10.1007/978-3-642-14706-7_1
Frédérique Biennier, Régis Aubry, Mathieu Maranzana, Integration of Business and Industrial Knowledge on Services to Set Trusted Business Communities of Organisations working conference on virtual enterprises. pp. 420- 426 ,(2010) , 10.1007/978-3-642-15961-9_50
J. G. Alfaro, N. Boulahia-Cuppens, F. Cuppens, Complete analysis of configuration rules to guarantee reliable network security policies International Journal of Information Security. ,vol. 7, pp. 103- 122 ,(2008) , 10.1007/S10207-007-0045-7
Ziyi Su, Frederique Biennier, End-to-end security policy description and management for collaborative system information assurance and security. pp. 137- 142 ,(2010) , 10.1109/ISIAS.2010.5604183
Frédéric Cuppens, Nora Cuppens-Boulahia, Modeling contextual security policies International Journal of Information Security. ,vol. 7, pp. 285- 305 ,(2008) , 10.1007/S10207-007-0051-9
Frederica Paci, Elisa Bertino, Jason Crampton, An Access-Control Framework for WS-BPEL International Journal of Web Services Research. ,vol. 5, pp. 20- 43 ,(2008) , 10.4018/JWSR.2008070102