An authorization model for cross-enterprise collaborations



In the modern enterprise world, collaboration has emerged as a standard of best business practice. In order to build competitive advantages and minimize inefficiencies, organizations nowadays pursue strategic alliances with partners outside the comfort of familiar security zones, loosen their hierarchical structures, exploit “edge” competencies, and aggregate diverse and heterogeneous sources of information. Nevertheless, such techniques dictate the concentration, use, and circulation of corporate information and sensitive personal data and thus raise severe information confidentiality and privacy concerns. Hence, employing the appropriate collaboration technology is not sufficient; a potential lack of successful protection mechanisms limits the effectiveness of partnerships and prevents the respective investments from reaching their full potential. In this paper, an authorization framework for the protection of sensitive resources in cross-enterprise scenarios is presented. The proposed framework is founded on a semantic information model, which integrates individual privacy preferences, organizational access control rules, and information handling policies into the authorization determination procedure. Partners within the framework are organized in a bridged federated architecture in order to build a secure communication network, within which semantic and trust interoperability is guaranteed.

Copyright © 2014 John Wiley & Sons, Ltd.