{"title":"Security-Oriented Workflows for the Social Sciences","authors":"R. Sinnott, Sardar Hussain","doi":"10.1109/NSS.2010.72","DOIUrl":null,"url":null,"abstract":"The service-oriented computing paradigm and its application to support e-Infrastructures offers, at least in principle, the opportunity to realise platforms for multi- and inter-disciplinary research. Augmenting the service-oriented model for e-Research are mechanisms for services to be coupled and enacted in a coordinated manner through workflow environments. Typically workflows capture a research process that can be shared and repeated by others. However, existing models of workflow definition and enactment assume that services are directly available and can be accessed and invoked by arbitrary users or enactment engines. In more security-oriented domains, such assumptions rarely hold true. Rather in many domains, service providers demand to be autonomous and define and enforce their own service / resource access control using locally defined policy enforcement points (PEP) and policy decision points (PDP) which allow access and usage of resources to be strictly monitored and enforced. In this paper, we outline how it is possible to support security-oriented workflow definition and enactment through chaining of PDPs to support “workflow-oriented” access control. 
To demonstrate this, we focus on a case study taken from the Economic and Social Science Research Council (ESRC) funded Data Management through e-Social Science (DAMES – www.dames.org.uk) project in the area of depression, self-harm and suicide.","PeriodicalId":127173,"journal":{"name":"2010 Fourth International Conference on Network and System Security","volume":"13 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2010-09-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"7","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2010 Fourth International Conference on Network and System Security","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/NSS.2010.72","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citations: 7
Abstract
The service-oriented computing paradigm and its application to support e-Infrastructures offer, at least in principle, the opportunity to realise platforms for multi- and inter-disciplinary research. Augmenting the service-oriented model for e-Research are mechanisms for services to be coupled and enacted in a coordinated manner through workflow environments. Typically, workflows capture a research process that can be shared and repeated by others. However, existing models of workflow definition and enactment assume that services are directly available and can be accessed and invoked by arbitrary users or enactment engines. In more security-oriented domains, such assumptions rarely hold true. Rather, in many domains, service providers demand to be autonomous and to define and enforce their own service/resource access control using locally defined policy enforcement points (PEP) and policy decision points (PDP), which allow access and usage of resources to be strictly monitored and enforced. In this paper, we outline how it is possible to support security-oriented workflow definition and enactment through chaining of PDPs to support “workflow-oriented” access control. To demonstrate this, we focus on a case study taken from the Economic and Social Science Research Council (ESRC) funded Data Management through e-Social Science (DAMES – www.dames.org.uk) project in the area of depression, self-harm and suicide.