|
Title:
|
COMPOSING HETEROGENOUS ACCESS POLICIES BETWEEN ORGANIZATIONS |
|
Author(s):
|
Horst F. Wedde , Mario Lischka |
|
ISBN:
|
972-98947-0-1 |
|
Editors:
|
António Palma dos Reis and Pedro Isaías |
|
Year:
|
2003 |
|
Edition:
|
1 |
|
Keywords:
|
Role-Based Access Control, Authorization, Composition . |
|
Type:
|
Full Paper |
|
First Page:
|
477 |
|
Last Page:
|
484 |
|
Language:
|
English |
|
Cover:
|
|
|
Full Contents:
|
click to dowload 
|
|
Paper Abstract:
|
One crucial aspect of information technology for e-Society is security, where authorization is one of the three important factors, besides availability and integrity. During the past years Role-Based Access Control (RBAC) has been proven a sound method of modeling the authorization within an organization. Recently we introduced a novel distributed concept RBAC which is based on distributed generation and administration of access rules through distributed authorization spheres. In this approach called Modular Authorization, we were able to provide techniques for a decentralized definition of access policies, which are inherited along the organizational structure. But in an e-Society exchange of information and therefore access to information is not limited to a single organization. In this paper we present an extended version of the Modular Authorization which allows to define access policies across the boundaries of an organization, thus taking into account both distributed and heterogeneous authorization structures. |
|
|
|
|
|
|
