Policy reconciliation for access control in dynamic cross-enterprise collaborations

Preuveneers, Davy; Joosen, Wouter; Ilie‐Zudor, Elisabeth

doi:10.1080/17517575.2017.1355985

Cited by 15 publications

(9 citation statements)

References 25 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Liu et al [24] raised similar security concerns particularly for collaborative manufacturing systems, and argued that configuring and enforcing an access control model in a collaborative manufacturing system is a challenging task. This concern was addressed in [34,35] with a framework that enables policy-based access control to maintain trust relationships that cross the boundaries of collaborating organizations, while lifting the burden to manually align diverse sets of authorization policies of different organizations.…”

Section: Trust Models Access Control and Policy-based Authorizationmentioning

confidence: 99%

Towards trustworthy Cyber-physical Production Systems: A dynamic agent accountability approach

Beregi

Pedone

Preuveneers

2021

AIS

View full text Add to dashboard Cite

Smart manufacturing is a challenging trend being fostered by the Industry 4.0 paradigm. In this scenario Multi-Agent Systems (MAS) are particularly elected for modeling such types of intelligent, decentralised processes, thanks to their autonomy in pursuing collective and cooperative goals. From a human perspective, however, increasing the confidence in trustworthiness of MAS based Cyber-physical Production Systems (CPPS) remains a significant challenge. Manufacturing services must comply with strong requirements in terms of reliability, robustness and latency, and solution providers are expected to ensure that agents will operate within certain boundaries of the production, and mitigate unattended behaviours during the execution of manufacturing activities. To address this concern, a Manufacturing Agent Accountability Framework is proposed, a dynamic authorization framework that defines and enforces boundaries in which agents are freely permitted to exploit their intelligence to reach individual and collective objectives. The expected behaviour of agents is to adhere to CPPS workflows which implicitly define acceptable regions of behaviours and production feasibility. Core contributions of the proposed framework are: a manufacturing accountability model, the representation of the Leaf Diagrams for the governance of agent behavioural autonomy, and an ontology of declarative policies for the identification and avoidance of ill-intentioned behaviours in the execution of CPPS services. We outline the application of this enhanced trustworthiness framework to an agent-based manufacturing use-case for the production of a variety of hand tools.

show abstract

Section: Trust Models Access Control and Policy-based Authorizationmentioning

confidence: 99%

Towards trustworthy Cyber-physical Production Systems: A dynamic agent accountability approach

Beregi

Pedone

Preuveneers

2021

AIS

View full text Add to dashboard Cite

show abstract

“…Evidently, the existence of virtual communities depends on the amount of effort (and strategies or mechanisms) put in by the administrator or organisers or users of the virtual community (Preuveneers et al, 2017). It appears that the existing literature focuses on identifying the various stages in the life cycle of a virtual community.…”

Section: Life Cycle Of Virtual Communitiesmentioning

confidence: 99%

A methodology for creating sustainable communities based on dynamic factors in virtual environments

Fachrunnisa

Hussain

2020

IJEB

View full text Add to dashboard Cite

A virtual community is one of communities that exist in an internet economy; however, little research has been conducted on how to make it sustainable. We propose a methodology for creating sustainable virtual communities which depends on the community's respond to the dynamic factors in its environment such as number of members, shared contents and interaction rules. The methodology proposes the use of iterative negotiation and a panel of expert agents to assess the quality of service (QoS) delivered. This QoS assessment is based on an interaction agreement between the community members and expert agent as the administrator's representative. The administrators use this QoS assessment to determine whether an individual's membership will be renewed or terminated after a certain period of time. We present a metric to measure the sustainability index and demonstrate the validity of the methodology by engineering a prototype setup and running simulations under various operational conditions.

show abstract

“…Authors in [21] address access control in dynamic crossenterprise collaborations by proposing a framework for attribute and policy reconciliation, where attribute definitions or their interpretations are not standardized. The framework externalizes domain knowledge in order to dynamically infer attribute relationships during the evaluation of authorization decisions.…”

Section: Distributedmentioning

confidence: 99%

“…From this syntax we can switch to any XACML profile, and thereafter it will be translated to the target policy language which is specific to the model. Our solution is distributed, but unlike existing distributed solutions [10,11,20,21], we consider heterogeneous existing access control systems adopting heterogeneous models (ABAC, RBAC, UCON. .…”

Section: Our Proposed Mechanism Of Automatic Mapping Between Heterogementioning

confidence: 99%

Towards a Secure and Borderless Collaboration between Organizations: An Automated Enforcement Mechanism

Haguouche

Jarir

2018

Security and Communication Networks

View full text Add to dashboard Cite

During the last decade, organizations have been more and more aware of the benefits of engaging in collaborative activities. To attain a required collaborative objective, they are obligated to share sensitive resources such as data, services, and knowledge. However, sharing sensitive and private resources and exposing them for an external usage may prevent the organizations involved from collaborating. Therefore, this usage requires more preoccupation with security issues. Access control is one of these required security concerns. Several access control models are defined in the literature and this multitude of models creates heterogeneity of access control policies between the collaborating organizations. In this paper, we propose Access Control in Cross-Organizational coLLABoration ACCOLLAB, a solution for automatic mapping between heterogeneous access control policies in cross-organizational collaboration. To carry out this mapping, we suggest a mechanism founded mainly on XACML profiles and on a generic language derivative of XACML we define as Generic-XACML. We also formally prove that the mapping does not affect decision evaluation of policies. Thereby the proposed contribution ACCOLLAB allows each collaborating organization to communicate their access control policies and adopt other's policies without affecting their existing access control systems.

show abstract

Policy reconciliation for access control in dynamic cross-enterprise collaborations

Cited by 15 publications

References 25 publications

Towards trustworthy Cyber-physical Production Systems: A dynamic agent accountability approach

Towards trustworthy Cyber-physical Production Systems: A dynamic agent accountability approach

A methodology for creating sustainable communities based on dynamic factors in virtual environments

Towards a Secure and Borderless Collaboration between Organizations: An Automated Enforcement Mechanism

Contact Info

Product

Resources

About