Repository logo

Infoscience

  • English
  • French
Log In
Logo EPFL, École polytechnique fédérale de Lausanne

Infoscience

  • English
  • French
Log In
  1. Home
  2. Academic and Research Output
  3. Journal articles
  4. Abstract interdomain security assertions: A basis for extra-grid virtual organizations
 
research article

Abstract interdomain security assertions: A basis for extra-grid virtual organizations

Carpenter, Brian E.
•
Janson, Philippe A.  
2004
IBM Systems Journal

One significant challenge in building grids between organizations with heterogeneous security systems is the need to express and enforce security policies that specify the users in one organization (the source domain) who are allowed to access the resources in another organization (the target domain). This requires linking the syntax and semantics of security assertions referring to users and their attributes in the source domain to those referring to resources in the target domain. This paper suggests some basic requirements for solving this problem, in particular, an abstract form of interdomain security assertion (IDSA) relying, for instance, on globally meaningful URIs (Uniform Resource Identifiers) to refer to users, resources, and their attributes. This canonical abstract form IDSA is, however, used strictly for assertion mapping purposes. It may - but need not - be visible in any concrete security assertion syntax in any domain. The paper further suggests different scenarios in which URIs for users, resources, and attributes defined in one domain can be mapped to semantically meaningful references - with varying degrees of granularity and accountability - in another domain where they would otherwise be meaningless. © 2004 IBM.

  • Details
  • Metrics
Type
research article
DOI
10.1147/sj.434.0689
Author(s)
Carpenter, Brian E.
Janson, Philippe A.  
Date Issued

2004

Published in
IBM Systems Journal
Volume

43

Issue

4

Start page

689

End page

701

Subjects

Intellectual property

•

Merging

•

Security of data

•

Security systems

•

Semantics

•

Syntactics

Editorial or Peer reviewed

REVIEWED

Written at

OTHER

EPFL units
LACAL  
Available on Infoscience
June 24, 2010
Use this identifier to reference this record
https://infoscience.epfl.ch/handle/20.500.14299/51001
Logo EPFL, École polytechnique fédérale de Lausanne
  • Contact
  • infoscience@epfl.ch

  • Follow us on Facebook
  • Follow us on Instagram
  • Follow us on LinkedIn
  • Follow us on X
  • Follow us on Youtube
AccessibilityLegal noticePrivacy policyCookie settingsEnd User AgreementGet helpFeedback

Infoscience is a service managed and provided by the Library and IT Services of EPFL. © EPFL, tous droits réservés