A formal virtual enterprise access control model

IEEE Transactions on Systems, Man, and Cybernetics Part A:Systems and Humans

Volumn 38, Issue 4, 2008, Pages 832-851

  Chen, Tsung Yi ^a   Chen, Yuh Min ^b   Wang, Chin Bin ^a  

^a NANHUA UNIVERSITY   (Taiwan)

^b NATIONAL CHENG KUNG UNIVERSITY   (Taiwan)

Author keywords

Access control (AC); Resource sharing; Role based access control (RBAC); Virtual enterprise (VE)

Indexed keywords

ACCESS CONTROL; COMPETITION; COMPUTATIONAL LINGUISTICS; INDUSTRIAL ECONOMICS; LINGUISTICS; SECURITY SYSTEMS;

(I ,J) CONDITIONS; (R ,S ,S) POLICY; AC MODELING; ACCESS CONTROL MODELS; ALLIANCE (CO); BUSINESS PROCESSES (BP); COMPLETE INFORMATION; DISTRIBUTED RESOURCE (DR); IN ORDER; LANGUAGE MODELLING; MODEL CONSTRUCTION; PRODUCTION COSTS.; RESOURCE SHARING; ROLE-BASED; SYSTEMATIC METHODS; USER ACCESS; VIRTUAL ENTERPRISE (VE);

INDUSTRY;

EID: 46649098888     PISSN: 10834427     EISSN: None     Source Type: Journal    
DOI: 10.1109/TSMCA.2008.923090     Document Type: Article

References (41)

1. Y-M. Chen and M.-W. Liang, "Design and implementation of a collaborative engineering information system for allied concurrent engineering," Int. J. Comput. Integr. Manuf., vol. 13, no. 1, pp. 11-30, Jan. 2000.
2. A. Frenkel, H. Afsarmanesh, C. Garita, and L. O. Hertzberger, "Supporting information access rights and visibility levels in virtual enterprises," in Proc. 2nd IFIP Work. Conf. Infrastructure Virtual Enterprise, 2000, pp. 177-192.
3. J. Ma and M. A. Orgun, "Trust management and trust theory revision," IEEE Trans. Syst., Man, Cybern. A, Syst., Humans, vol. 36, no. 3, pp. 451-460, May 2006.
4. Y. Lu, W. Wang, B. Bhargava, and D. Xu, "Trust-based privacy preservation for peer-to-peer data sharing," IEEE Trans. Syst., Man, Cybern. A, Syst., Humans, vol. 36, no. 3, pp. 498-502, May 2006.
5. E. Turban, D. King, D. Viehland, and J. Lee, Electronic Commerce: A Managerial Perspective. Upper Saddle River, NJ: Pearson Educ. Int., 2006.
6. H. R. Rao and S. J. Upadhyaya, "Special issue on secure knowledge management," IEEE Trans. Syst., Man, Cybern. A, Syst., Humans, vol. 35, no. 1, p. 185, Jan. 2005.
7. E. Bertino, L. R. Khan, R. Sandhu, and B. Thuraisingham, "Secure knowledge management: Confidentiality, trust, and privacy," IEEE Trans. Syst., Man, Cybern. A, Syst., Humans, vol. 36, no. 3, pp. 429-438, May 2006.
8. R. Singh and A. F. Salam, "Semantic information assurance for secure distributed knowledge management: A business process perspective," IEEE Trans. Syst., Man, Cybern. A, Syst., Humans, vol. 36, no. 3, pp. 472-486, May 2006.
9. R. Au, M. Looi, and P. Ashley, "Automated cross-organizational trust establishment on extranets," in Proc. Workshop Inf. Technol. Virtual Enterprises, 2001, pp. 3-11.
10. T.-Y. Chen, Y.-M. Chen, C.-B. Wang, and H.-C. Chu, "Development of an access control model, system architecture and approaches for information sharing in virtual enterprise," Comput. Ind., vol. 58, no. 1, pp. 57-73, Jan. 2007.
11. T.-Y. Chen, Y.-M. Chen, H.-C. Chu, C.-B. Wang, and H. Yang, "Secure resource sharing on cross-organization collaboration using a novel trust method," Robot. Comput.-Integr. Manuf., vol. 23, no. 4, pp. 421-435, Aug. 2007.
12. M. Koch, L. V. Mancini, and F. Parisi-Presicce, Graph Transformations for the Specification of Access Control Policies. Amsterdam, The Netherlands: Elsevier science B. V, 2002.
13. D. F. Ferraiolo, D. R. Kuhn, and R. Chandramouli, Role-Based Access Control. Norwood, MA: Artech House, 2003.
14. S. Oh and S. Park, "Task-role-based access control model," Inf. Syst., vol. 28, no. 6, pp. 533-562, Sep. 2003.
15. A. Kern, "Advanced features for enterprise-wide role-based access control," in Proc. Comput. Security Appl. Conf., 2002, pp. 333-342.
16. C. J. Moon, D. H. Park, S. J. Park, and D. K. Baik, "Symmetric RBAC model that takes the separation of duty and role hierarchies into consideration," Comput. Security, vol. 23, no. 2, pp. 126-136, Mar. 2004.
17. D. Shin, G. J. Ahn, and J. S. Park, "An application of directory service markup language (DSML) for role-based access control (RBAC0)," in Proc. Comput. Softw. Appl. Conf., 2002, pp. 934-939.
18. K. Furst, T. Schmidt, and G. Wippel, "Managing access in extended enterprise networks," IEEE Internet Comput., vol. 6, no. 5, pp. 67-74, Sep./Oct. 2002.
19. J. Bacon, K. Moody, and W. Yao, "A model of OASIS role-based access control and its support for active security," ACM Trans. Inf. Syst. Security, vol. 5, no. 4, pp. 492-540, Nov. 2002.
20. F. T. Alotaiby and J. X. Chen, "A model for team-based access control (TMAC)," in Proc. Inf. Technol.: Coding Comput., 2004, vol. 1, pp. 450-454.
21. J. J. Kanet, W. Faisst, and P. Mertens, "Application of information technology to a virtual enterprise broker: The case of Bill Epstein," Int. J. Prod. Econ., vol. 62, no. 1, pp. 23-32, May 1999.
22. E. K. Ouzounis, "An agent-based platform for the management of dynamic virtual enterprises," Ph.D. dissertation, Tech. Univ. Berlin, Berlin, Germany, 2001.
23. J. S. Park and J. Hwang, "RBAC for collaborative environments: Role-based access control for collaborative enterprise in peer-to-peer computing environments," in Proc. 8th ACM Symp. Access Control Models Technol., 2003, pp. 93-99.
24. N. Mezzetti, "Towards a model for trust relationships in virtual enterprises," in Proc. 14th Int. Workshop Database Expert Syst. Appl., 2003, pp. 420-424.
25. T. J. Smith and L. Ramakrishnan, "Joint policy management and auditing in virtual organizations," in Proc. 4th Int. Workshop Grid Comput. 2003, pp. 117-124.
26. G. Steinke and R. Leamon, "Information security issues facing virtual enterprises," in Proc. Int. Conf. Eng. Technol. Manage., 1996, pp. 641-644.
27. H. Zhu, "Some issues of role-based collaboration," in Proc. Can. Conf. Elect. Comput. Eng., 2003, vol. 2, pp. 687-690.
28. G. Kolaczek, "Specification and verification of constraints in role based access control," in Proc. 12th IEEE Int. Workshops Enabling Technol.: Infrastructure Collaborative Enterprise, 2003, pp. 190-195.
29. J. Luo and D. He, "Research on object-oriented role-based access control model," in Proc. 4th Int. Conf. Parallel Distrib. Comput., Appl. Technol., 2003, pp. 132-135.
30. J. D. Moffett, "Control principles and role hierarchies," in Proc. 3rd ACM Workshop Role-Based Access Control, 1998, pp. 63-69.
31. S. Osborn, "Integrating role graphs: A tool for security integration," Data Knowl. Eng., vol. 43, no. 3, pp. 317-333, Dec. 2002.
32. M. Lorch, S. Proctor, R. Lepro, D. Kafura, and S. Shah, "First experiences using XACML for access control in distributed systems," in Proc. ACM Workshop XML Security, 2003, pp. 25-37.
33. S. Barker and P. J. Stuckey, "Flexible access control policy specification with constraint logic programming," ACM Trans. Inf. Syst. Security, vol. 6, no. 4, pp. 501-546, Nov. 2003.
34. M. Coetzee and J. H. P. Eloff, "Virtual enterprise access control requirements," in Proc. Annu. Res. Conf. South Afr. Inst. Comput. Scientists Inf. Technologists Enablement Through Technol., 2003, pp. 285-294.
35. S. Jajodia, P. Samarati, M. L. Sapino, and V. S. Subrahmanian, "Flexible support for multiple access control policies," ACM Trans. Database Syst., vol. 26, no. 2, pp. 214-260, Jun. 2001.
36. A. Belokosztolszki and K. Moody, "Meta-policies for distributed role-based access control systems," in Proc. 3rd Int. Workshop Policies Distrib. Syst. Netw., 2002, pp. 106-115.
37. S. Hada and M. Kudo, "XML document security based on provisional authorization," in Proc. 7th ACM Conf. Comput. Commun. Security, 2000, pp. 87-96.
38. G. Boella and L. van der Torre, "Security policies for sharing knowledge in virtual communities," IEEE Trans. Syst., Man, Cybern. A, Syst., Humans, vol. 36, no. 3, pp. 439-450, May 2006.
39. A. Kern, A. Schaad, and J. Moffett, "Enterprise role administration: An administration concept for the enterprise role-based access control model," in Proc. 8th ACM Symp. Access Control Models Technol., 2003, pp. 3-11.
40. R. A. Botha and J. H. P. Eloff, "Designing role hierarchies for access control in workflow systems," in Proc. 25th Annu. Int. Comput. Softw. Appl. Conf., 2001, pp. 117-122.
41. F. Dridi, B. Muschall, and G. Pernul, "Administration of an RBAC system," in Proc. 37th Annu. Hawaii Int. Conf. Syst. Sci., 2004, pp. 187-192.