[6-26]Specification and Enforcement of Flexible Security Policy for Active Cooperation
Date:2008-06-18
Title: Specification and Enforcement of Flexible Security Policy for Active Cooperation
Speaker: Sun Yuqing
Time: 2:30 pm, June 26, 2008
Venue: Lecture room, Level 5 Building #5, ISCAS
Abstract:
Interoperation and services sharing among different systems are becoming new paradigms for enterprise collaboration. To keep ahead in strong competition environments, an enterprise should provide flexible and comprehensive services to partners and support active collaborations with partners and customers. Achieving such goals requires enterprises to specify and enforce flexible security policies for their information systems.
Although the area of access control has been widely investigated, current approaches still do not support flexible security policies able to account for different weighs that typically characterize the various attributes of the requesting parties and transactions and reflect the access control criteria that are relevant for the enterprise. In this paper we propose a novel approach that addresses such flexibility requirements while at the same time reducing the complexity of security management. To support flexible policy specification, we define the notion of restraint rules for authorization management processes and introduce the concept of impact weight for the conditions in these restraint rules. We also introduce a new data structure for the encoding of the condition tree as well as the corresponding algorithm for efficiently evaluating conditions. Furthermore, we present a system architecture that implements above approach and supports interoperation among heterogeneous platforms.
Prof. Sun Yuqing:
Sun Yuqing is currently an associate professor in the School of Computer Science and Technology at ShanDong University, and the director of the Department of Electronic Business. She received her BSc, Master and PhD degrees in Computer Science and Technology from Shandong University.<http://www.cuhk.edu.hk/>She has been a visiting scholar in Hongkong University (Hongkong) from September until December of 2005 and a visiting scholar from May of 2007 until April of 2008 in the Department of Computer Science and CERIAS at Purdue University (US). Her research activities are related to various topics: access control model and technology; security policy; security in web services; workflow management; trust management. She has published more than twenty papers in international conferences and journals in recent years. She received the First-class of 2006 Outstanding Computer Application Award of Shandong Province. She is the primary investigator of the Momentous Science Development Plan Program of Shandong province and attends a few national and local research projects. She reviews for many journals and has served on the program committees of many international conferences. Currently, she is serving on the program committees of EDOC2008, SCC2008, ICMLC 2008, MUE2008, ICESS 2008, ICPCA 2008 etc.