Title: Formal framework for defining trust in multi-organisation environment

Authors: Khalifa Toumi; César Andrés; Ana Cavalli

Addresses: TELECOM and Management SudParis, CNRS UMR Samovar, 9 rue Charles Fourrier, F-91011 Evry, France ' C/ Prof. José García Santesmases, Departamento de Sistemas Informáticos y Computación, Universidad Complutense de Madrid, s/n, 28040 Madrid, Spain ' TELECOM and Management SudParis, CNRS UMR Samovar, 9 rue Charles Fourrier, F-91011 Evry, France

Abstract: Multi-organisations environment (MOE) is composed of several players that depend on each other for resources and services. Having a good access control policy to these resources becomes necessary. Moreover, being able to define a dynamic policy, meaning that it adapts over time, provides us with a more versatile way when administering these systems. In this paper, we extend the classical framework: organisation-based access control (OrBAC), adapted to MOE, adding trust information. Initially we present the theoretical framework to represent trust among organisations and users of the system, and then we present its inclusion in OrBAC as a new logical context for rule firing.

Keywords: security; trust; distributed systems; access control; formalisation; multiple organisations; multi-organisation environment.

DOI: 10.1504/IJAACS.2016.075389

International Journal of Autonomous and Adaptive Communications Systems, 2016 Vol.9 No.1/2, pp.164 - 178

Received: 18 Sep 2013
Accepted: 31 Dec 2013

Published online: 19 Mar 2016 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article