Abstract
Rapid technological advancements capitalising on the convergence of information (middleware) and communication (network) technologies now enable open application-to-application communication and bring about the prospect of ad hoc integration of systems across organisational boundaries to support collaborations that may last for a single transaction or evolve dynamically over a longer period. Architectures for managing networks of collaborating peers in such environments face new security and trust management challenges. In this paper we will introduce the basic elements of such an architecture emphasising trust establishment, secure collaboration, distributed monitoring and performance assessment issues.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Bellovin, S.M.: Distributed Firewalls. login: Magazine of USENIX, 37–39 (November 1999)
Bradshaw, J., et al.: Representation and reasoning about DAML-based policy and domain services in KAoS. In: Proc of 2nd Int Joint Conference on Autonomous Agents and Multi Agent Systems (AAMAS 2003), Melbourne, Australia, July 14-18 (2003)
Braynov, S.: On Future Avenues for Distributed Attacks. In: Proc of 2nd European Conference on Information Warfare and Security (ECIW 2003), July 2003, pp. 51–60 (2003)
Chadwick, D.W., Otenko, A.: RBAC Policies in XML for X.509 Based Privilege Management. In: Proc. IFIP SEC 2002, Kluwer Academic Publishers, Dordrecht (2002)
Damianou, N., Dulay, N., Lupu, E., Sloman, M.: The Ponder Policy Specification Language. In: Sloman, M., Lobo, J., Lupu, E.C. (eds.) POLICY 2001. LNCS, vol. 1995, pp. 18–39. Springer, Heidelberg (2001)
Dimitrakos, T., Djordjevic, I., Matthews, B., Bicarregui, J., Phillips, C.: Policy Driven Access Control over Distributed Firewall Architecture. In: Proc of Policy 2002, pp. 228–231. IEEE Computer Society, Los Alamitos (2002) ISBN 0-7695-1611-4
Dimitrakos, T., Djordjevic, I., Milosevic, Z., Jøsang, A., Phillips, C.: Contract Performance Assessment for Secure and Dynamic Virtual Collaborations. In: Proc. of EDOC 2003, 7th IEEE Int Enterprise Distributed Object Computing Conference (2003)
Dimitrakos, T., Randal Mac, D., Yuan, F., Gaeta, M., Laria, G., Ritrovato, P., Serhan, B., Wesner, S., Wulf, K.: An Emerging Architecture Enabling Grid-based Application Service Provision. In: Proc of the 7th IEEE Int Enterprise Distributed Object Computing Conference (EDOC 2003), Brisbane, Australia, September 16-19, IEEE Press, Los Alamitos (2003)
Djordjevic, I., Phillips, C.: Architecture for Secure Work of Dynamic Distributed Groups. In: Proc of 1st IEEE Consumer Communication and Networking Conference (CCNC 2004), Las Vegas, Nevada, USA, January 5-8 (2004)
Djordjevic, I., Phillips, C.: Certificate-Based Distributed Firewalls for Secure E-Commerce Transactions. Journal of the Institution of British Telecommunications Engineers (IBTE) 2, part 3, 14–19 (2001)
Dragovic, B., Hand, S., Harris, T.L., Kotsovinos, E., Twigg, A.: Managing Trust and Reputation in the XenoServer Open Platform. In: Nixon, P., Terzis, S. (eds.) iTrust 2003. LNCS, vol. 2692, pp. 59–74. Springer, Heidelberg (2003)
Farrel, S., Housley, R.: An Internet Attribute Certificate Profile for Authorization, RFC 3281, Network Working Group, IETF (April 2002)
Gray, E., Seigneur, J.-M., Chen, Y., Jensen, C.D.: Trust Propagation in Small Worlds. In: Nixon, P., Terzis, S. (eds.) iTrust 2003. LNCS, vol. 2692, pp. 239–254. Springer, Heidelberg (2003)
Golbeck, J., Parsia, B., Hendler, J.: Trust networks on the semantic web. In: Proc. of Cooperative Intelligent Agents 2003, Helsinki, Finland (August 2003)
Housley, R., Polk, W., Ford, W., Solo, D.: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile, RFC 3280, Network Working Group, IETF (April 2002)
Ioannidis, S., Bellovin, S.M., Ioannidis, J., Keromytis, A.D., Smith, J.M.: Design and Implementation of Virtual Private Services. In: Proc of 12th IEEE Int Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprises, Linz, Austria, June 9-11, pp. 269–275. IEEE CS, Los Alamitos (2003)
Jin, H., Xian, F., Han, Z., Li, S.: A Distributed Dynamic micro-Firewall Architecture with Mobile Agents and KeyNote Trust Management System. In: Deng, R.H., Qing, S., Bao, F., Zhou, J. (eds.) ICICS 2002. LNCS, vol. 2513, pp. 13–24. Springer, Heidelberg (2002)
Jøsang, A.: A Logic for Uncertain Probabilities. International Journal of Uncertainty, Fuzziness and Knowledge-Based Systems 9(3), 279–311 (2001)
Kagal, L., et al.: Towards Authorization, Confidentiality and Privacy for Semantic Web Services. In: Proc of AAAI 2004 Spring Symposium on Semantic Web Services (2004)
Menezes, A., van Oorschot, P., Vanstone, S.: Handbook of Applied Cryptography. CRC Press, Boca Raton (1996) ISBN: 0-8493-8523-7
Munson, J.C., Wimer, S.: Watcher: The Missing Piece of Security Puzzle. In: Proc of 17th Annual Conference on Computer Security Applications (ACSAC 2001), pp. 230–239 (2001)
Security in Microsoft.NET Framework; Analysis by Foundstone, Inc. & CORE Security Technologies (2000), http://www.foundstone.com/pdf/dotnet-security-framework.pdf
Maywah, A.J.: An Implementation of a Secure Web Client Using SPKI/SDSI Certificates. MSc Thesis, Dept of Elec. Engineering and Comp. Science, MIT (2000)
GRASP Homepage, http://www.eu-grasp.com
Wallner, D., Harder, E., Agee, R.: Key Management for Multicast: Issues and Architectures. RFC 2627, Network Working Group, IETF (June 1999)
Globus CAS, http://www.globus.org/security/CAS/
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Djordjevic, I., Dimitrakos, T. (2004). Towards Dynamic Security Perimeters for Virtual Collaborative Networks. In: Jensen, C., Poslad, S., Dimitrakos, T. (eds) Trust Management. iTrust 2004. Lecture Notes in Computer Science, vol 2995. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-24747-0_15
Download citation
DOI: https://doi.org/10.1007/978-3-540-24747-0_15
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-21312-3
Online ISBN: 978-3-540-24747-0
eBook Packages: Springer Book Archive