A secure collaborative web based environment for virtual organizations

Laborde, Romain; Kamel, Michel; Barrère, François; Benzekri, Abdelmalek

doi:10.1109/icdim.2007.4444310

Cited by 5 publications

(5 citation statements)

References 5 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…This scenario deals with authorizations management in virtual organizations [6]. We resume it as following:…”

Section: A Authorization In Virtual Organizationsmentioning

confidence: 99%

“…Under certain circumstances, administrators have to unlock some of the security doors of parties information systems. During a past European project called VIVACE 1 [6], unlocking security issues was solved through a workflow engine. This article retakes the use case scenario to prove the concept of dynamic authorization using situation orientation simplifies authorization specification and management.…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Specification and Enforcement of Dynamic Authorization Policies Oriented by Situations

Kabbani

Laborde

Barrère

et al. 2014

2014 6th International Conference on New Technologies, Mobility and Security (NTMS)

Self Cite

View full text Add to dashboard Cite

Nowadays, accessing communication networks and systems faces multitude applications with large-scale requirements dimensions. Mobility -roaming services in particular-during urgent situations exacerbate the access control issues. Dynamic authorization then is required. However, traditional access control fails to ensure policies to be dynamic. Instead, we propose to externalize the dynamic behavior management of networks and systems through situations. Situations modularize the policy into groups of rules and orient decisions. Our solution limits policy updates and hence authorization inconsistencies. The authorization system is built upon the XACML architecture coupled with a complex eventprocessing engine to handle the concept of situations. Situationoriented attribute based policies are defined statically allowing static verification and validation.

show abstract

“…This scenario deals with authorizations management in virtual organizations [6]. We resume it as following:…”

Section: A Authorization In Virtual Organizationsmentioning

confidence: 99%

Section: Introductionmentioning

confidence: 99%

Specification and Enforcement of Dynamic Authorization Policies Oriented by Situations

Kabbani

Laborde

Barrère

et al. 2014

2014 6th International Conference on New Technologies, Mobility and Security (NTMS)

Self Cite

View full text Add to dashboard Cite

show abstract

“…The first version of our prototype made use of PERMIS (Laborde et al, 2007), which is a PMI developed by the ISSRG team of the University of Kent (Chadwick et al, 2008). The core of PERMIS is mainly composed of two entities: the Policy Decision Point (PDP) making access control decisions according to a given policy and the Policy Enforcement Point (PEP) implementing the decisions taken by the PDP.…”

Section: Authorisation: Yaabamentioning

confidence: 99%

A secure collaborative web-based environment for virtual organisations

Laborde

Kamel

Wazan

et al. 2009

IJWBC

Self Cite

View full text Add to dashboard Cite

The concept of the Virtual Organisation (VO) is a natural outcome of network evolution and the growth of collaborative work tools. In the projects Value Improvement thought a Virtual Aeronautical Collaborative Enterprise (VIVACE) and Transglobal Secure Collaboration Program (TSCP), we studied the different issues when setting VOs up. In this paper, we expose the requirements and characteristics of VOs through a use case where the partners produce a technical aeronautic specification, which was proposed by those consortiums. Then, we present a secured collaborative environment that we have deployed to deal with VO security constraints. It combines attribute-based access control models, privileges management infrastructure and identity federation to make VOs more dynamic.

show abstract

“…In recent years, theoretical research of ABAC model has achieved some results, and it can be well used in large distributed environments [18], web service systems [19,20], network computing [21] and message sharing and management [22]. However, at present, RBAC is still the mainstream of access control model, and there is still a gap between RBAC and ABAC in terms of their extensive application.…”

Section: Related Workmentioning

confidence: 99%