Figure 1 - uploaded by Serban I. Gavrila
Content may be subject to copyright.
Architecture for Administration of Integrated Security Services
Source publication
Coalitions are collaborative networks of autonomous domains where resource sharing is achieved by the distribution of access permissions to coalition members based on negotiated resource-sharing agreements. The focus of our research is on dynamic coalitions, namely, coalitions where member domains may leave or new domains may join during the life o...
Context in source publication
Context 1
... 4 briefly discusses coalition dynamics and Section 5 summarizes our work. In Figure 1 above, we outline the architecture for administration of integrated security services in dynamic coalitions comprising of two domains -a scenario that can easily be extended to n domains. We assume that each autonomous domain has its own Identity Certificate Authority (CA) that distributes identity certificates to users registered in that domain, and a database of users, resources (objects, applications), permissions, and local access policies. ...
Similar publications
Coalitions are collaborative networks of autonomous domains where resource sharing is achieved by the distribution of access permissions to coalition members based on negotiated resource-sharing agreements. The focus of our research is on dynamic coalitions, namely, coalitions where member domains may leave or new domains may join during the life o...
Citations
... There exists a need for coalitions in the commercial world as well as in government settings. What follows are two examples of commercial coalitions, taken from [15, 17]. First, consider a genetics research firm that discovers a gene sequence associated with a disease and establishes a coalition with a pharmaceutical company, two research hospitals and a Food and Drug Administration review board (FDA board) to find a cure using the gene sequence. ...
Dynamic coalitions enable autonomous domains to achieve common objectives by sharing resources based on negotiated resource-sharing agreements. A major requirement for administering dynamic coalitions is the availability of a comprehensive set of access control tools. In this paper we discuss the design, implementation, evaluation, and demonstration of such tools. In particular, we have developed tools for negotiating resource-sharing agreements, access policy specification, access review, wholesale and selective distribution and revocation of privileges, and policy decision and enforcement.
... Public key cryptography is a partial solution to the problem, but also creates a difficult key distribution problem. There has been significant research activity in this area [10,22]. ...
Today, information sharing is critical to almost every institution. There is no more critical need for information sharing than during an international crisis, when international coalitions dynamically form. In the event of a crisis, whether it is humanitarian relief, natural disaster, combat operations, or terrorist incidents, international coalitions have an immediate need for information. These coalitions are formed with international cooperation, where each participating country offers whatever resources it can muster to support the given crisis. These situations can occur suddenly, simultaneously, and without warning. Often times, participants are coalition partners in one crisis and adversaries in another, raising difficult security issues with respect to information sharing. Our specific interest is in the Dynamic Coalition Problem (DCP), with an emphasis on the information sharing and security risks when coalitions are formed in response to a crisis. This paper defines the DCP and explores its intricate, challenging, and complex information and resource sharing, and security issues, utilizing real-world situations, which are drawn from a military domain.
Each year, the Software Engineering Institute (SEI) undertakes several Independent Research and Development (IR&D) projects. These projects serve to (1) support feasibility studies investigating whether further work by the SEI would be of potential benefit, and (2) support further exploratory work to determine whether there is sufficient value in eventually funding the feasibility study work as an SEI initiative. Projects are chosen based on their potential to mature and/or transition software engineering practices, develop information that will help in deciding whether further work is worth funding, and set new directions for SEI work. This report describes the IR&D projects that were conducted during fiscal year 2004 (October 2003 through September 2004). In addition, this report provides information on what the SEI has learned in its role as a technology scout for developments over the past year in the field of software engineering.
