Abstract
The shift towards Industry 5.0 and Society 5.0 highlights the need for human-centric systems that balance automation with societal well-being. However, this must be achieved in a constantly evolving security landscape that emphasizes security by design. Furthermore, disruptive events are becoming more frequent, demanding systems with advanced transformative resilience and antifragility. Collaborative ecosystems that can improve and adapt throughout a sequence of attacks and disruptions are essential. Privacy regulations such as GDPR have also imposed strict requirements on the usage and security of personal data. To address these challenges, we investigate the security requirements for supporting collaborative processes across different systems and illustrate them using a specific collaborative process.
Copyright information
© 2023 IFIP International Federation for Information Processing
About this paper
Cite this paper
de Vrieze, P., Xu, L. (2023). Securing Collaborative Networks: Requirements of Supporting Secured Collaborative Processes. In: Camarinha-Matos, L.M., Boucher, X., Ortiz, A. (eds) Collaborative Networks in Digitalization and Society 5.0. PRO-VE 2023. IFIP Advances in Information and Communication Technology, vol 688. Springer, Cham. https://doi.org/10.1007/978-3-031-42622-3_13
DOI: https://doi.org/10.1007/978-3-031-42622-3_13
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-42621-6
Online ISBN: 978-3-031-42622-3
eBook Packages: Computer Science, Computer Science (R0)