Towards authorisation models for secure information sharing: a survey and research agenda
作者: Jason F. Reid , Farzad Salim , Edward Dawson
DOI:
关键词:
摘要: This article presents a survey of authorisation models and considers their ‘fitness-for-purpose’ in facilitating information sharing. Network-supported sharing is an important technical capability that underpins collaboration support dynamic unpredictable activities such as emergency response, national security, infrastructure protection, supply chain integration emerging business based on the concept ‘virtual organisation’. The argues present are inflexible poorly scalable environments due to assumption future needs system can be predicted, which turn justifies use persistent policies. outlines motivation requirement for new flexible model addresses It proposes must allow explicit specification objectives access decisions made late trade-off analysis between these objectives. A research agenda proposed Objective-based Access Control presented.
参考文章(77)
Butler Lampson, Morrie Gasser, Andy Goldstein, Charlie Kaufman, The Digital Distributed System Security Architecture National Institute of Standards and Technology. ,(1989)
James P. Anderson, Computer Security Technology Planning Study ,(1972)
Angelos D. Keromytis, Matt Blaze, Joan Feigenbaum, KeyNote: Trust Management for Public-Key Infrastructures (Position Paper) Lecture Notes in Computer Science. ,(1999)
Nicholas Paul Sheppard, Reihaneh Safavi-Naini, Protecting privacy with the MPEG-21 IPMP framework privacy enhancing technologies. pp. 152- 171 ,(2006) , 10.1007/11957454_9
M. Eric Johnson, Xia Zhao, Information Governance: Flexibility and Control through Escalation and Incentives WEIS. ,(2008)
William J. Caelli, Jason F. Reid, DRM, trusted computing and operating system architecture grid computing. pp. 127- 136 ,(2005)
Matt Blaze, Joan Feigenbaum, John Ioannidis, Angelos D. Keromytis, The role of trust management in distributed systems security Secure Internet programming. pp. 185- 210 ,(2001) , 10.1007/3-540-48749-2_8
Nimal Nissanke, Etienne J. Khayat, Risk Based Security Analysis of Permissions in RBAC international workshop on security. pp. 331- 340 ,(2004)
Farzad Salim, Nicholas Paul Sheppard, Rei Safavi-Naini, Enforcing P3P policies using a digital rights management system privacy enhancing technologies. pp. 200- 217 ,(2007) , 10.1007/978-3-540-75551-7_13
Reihaneh Safavi-Naini, Qiong Liu, Nicholas Paul Sheppard, Digital rights management for content distribution ACSW Frontiers '03 Proceedings of the Australasian information security workshop conference on ACSW frontiers 2003 - Volume 21. pp. 49- 58 ,(2003)