{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2022,6,1]],"date-time":"2022-06-01T23:10:50Z","timestamp":1654125050392},"reference-count":24,"publisher":"IGI Global","issue":"1","content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2012,1,1]]},"abstract":"<p>The authors describe a model to provide access control for information flow that crosses organisational boundaries. The model specifies a distributed access control enforcement approach for workflow objects (e.g., a document assigned to a pre-defined workflow) using software agents and data encryption techniques. Access to restricted content within the workflow object is based on the possession of encryption keys and role enactment. The model relies on trusted software agents to verify and ensure the validity of the workflow object. The authors construct a prototype and report on a case study that demonstrates the feasibility of the proposal.<\/p>","DOI":"10.4018\/jec.2012010102","type":"journal-article","created":{"date-parts":[[2012,1,13]],"date-time":"2012-01-13T15:27:30Z","timestamp":1326468450000},"page":"17-35","source":"Crossref","is-referenced-by-count":2,"title":["Supporting Secure Information Flow"],"prefix":"10.4018","volume":"8","author":[{"given":"Shane","family":"Bracher","sequence":"first","affiliation":[{"name":"SAP Research, Australia"}]},{"given":"Padmanabhan","family":"Krishnan","sequence":"additional","affiliation":[{"name":"Bond University, Australia"}]}],"member":"2432","reference":[{"key":"jec.2012010102-0","unstructured":"W3C. (2005). Document object model (DOM). Retrieved from http:\/\/www.w3.org\/DOM\/"},{"key":"jec.2012010102-1","doi-asserted-by":"crossref","unstructured":"Ardissono, L., Goy, A., Petrone, G., & Segnan, M. (2009). SynCFr: Synchronization collaboration framework. In Proceedings of the Fourth International Conference on Internet and Web Applications and Services (pp. 18-23).","DOI":"10.1109\/ICIW.2009.11"},{"issue":"4","key":"jec.2012010102-2","doi-asserted-by":"crossref","DOI":"10.1016\/j.compind.2005.01.004","article-title":"Collaborative business and data privacy: Toward a cyber-control?","volume":"56","author":"F.Biennier","year":"2005","journal-title":"Computers in Industry"},{"key":"jec.2012010102-3","author":"S.Bracher","year":"2009","journal-title":"Secure information flow for inter-organisational collaborative environments"},{"key":"jec.2012010102-4","doi-asserted-by":"crossref","unstructured":"Crampton, J. (2005). A reference monitor for workflow systems with constrained task execution. In Proceedings of the Tenth ACM Symposium on Access Control Models and Technologies, Stockholm, Sweden (pp. 38-47).","DOI":"10.1145\/1063979.1063986"},{"key":"jec.2012010102-5","unstructured":"Graubart, R. (1989). On the need for a third form of access control. In Proceedings of the 12th National Computing Security Conference (pp. 296-303)."},{"key":"jec.2012010102-6","doi-asserted-by":"publisher","DOI":"10.4018\/jec.2008040102"},{"key":"jec.2012010102-7","unstructured":"Hafner, M., Breu, R., & Breu, M. (2005). A security architecture for inter-organizational workflows: Putting security standards for web services together. In Proceedings of the 7th International Conference on Enterprise Information Systems, Miami, FL (pp. 128-135)."},{"key":"jec.2012010102-8","doi-asserted-by":"crossref","unstructured":"Harrington, A., & Jensen, C. (2003). Cryptographic access control in a distributed file system. In Proceedings of the 8th ACM Symposium on Access Control Models and Technologies, Como, Italy (pp. 158-165).","DOI":"10.1145\/775412.775432"},{"key":"jec.2012010102-9","doi-asserted-by":"crossref","unstructured":"Kang, M., Park, J., & Froscher, J. (2001). Access control mechanisms for inter-organizational workflow. In Proceedings of the 6th ACM Symposium on Access Control Models and Technologies, Chantilly, VA (pp. 66-74).","DOI":"10.1145\/373256.373266"},{"key":"jec.2012010102-10","author":"A.Knoepfel","year":"2006","journal-title":"Fundamental modeling concepts: Effective communication of IT systems"},{"key":"jec.2012010102-11","doi-asserted-by":"crossref","unstructured":"Koshutanski, H., & Massacci, F. (2003). An access control framework for business processes for web services. In Proceedings of the ACM Workshop on XML Security, Fairfax, VA (pp. 15-24).","DOI":"10.1145\/968559.968562"},{"key":"jec.2012010102-12","doi-asserted-by":"crossref","unstructured":"Kraft, R. (2002). Designing a distributed access control processor for network services on the web. In Proceedings of the ACM Workshop on XML Security, Fairfax, VA (pp. 36-52).","DOI":"10.1145\/764792.764799"},{"key":"jec.2012010102-13","doi-asserted-by":"crossref","unstructured":"Miklau, G., & Suciu, D. (2003). Controlling access to published data using cryptography. In Proceedings of the 29th International Conference on Very Large Data Bases, Berlin, Germany (pp. 898-909).","DOI":"10.1016\/B978-012722442-8\/50084-7"},{"key":"jec.2012010102-14","unstructured":"NEHTA. (2007). NEHTA industry seminar (discharge summary: The information -- sample discharge summary). Retrieved from http:\/\/www.nehta.gov.au\/index.php?option=com_docman&task=doc_details&gid=309&Itemid=139&catid=150"},{"key":"jec.2012010102-15","doi-asserted-by":"crossref","unstructured":"Noor, A. (2008). Securing the core with an enterprise key management infrastructure (EKMI). In Proceedings of the 7th Symposium on Identity and Trust on the Internet, Gaithersburg, MD (pp. 98-111).","DOI":"10.1145\/1373290.1373303"},{"key":"jec.2012010102-16","unstructured":"OASIS. (2004). Security assertion markup language (SAML). Retrieved from http:\/\/www.oasis-open.org\/committees\/tc_home.php?wg_abbrev=security#saml"},{"key":"jec.2012010102-17","unstructured":"OASIS. (2005). eXtensible access control markup language (XACML). Retrieved from http:\/\/www.oasis-open.org\/committees\/tc_home.php?wg_abbrev=xacml"},{"key":"jec.2012010102-18","unstructured":"Park, J., & Sandhu, R. (2002a). Originator control in usage control. In Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (p. 60)."},{"key":"jec.2012010102-19","doi-asserted-by":"crossref","unstructured":"Park, J., & Sandhu, R. (2002b). Towards usage control models: Beyond traditional access control. In Proceedings of the 7th ACM Symposium on Access Control Models and Technologies, Monterey, CA (pp. 57-64).","DOI":"10.1145\/507711.507722"},{"key":"jec.2012010102-20","doi-asserted-by":"publisher","DOI":"10.4018\/jec.2009040105"},{"key":"jec.2012010102-21","doi-asserted-by":"crossref","unstructured":"Vimercati, S. D. C. d., Foresti, S., Jajodia, S., Paraboschi, S., & Samarati, P. (2007). A data outsourcing architecture combining cryptography and access control. In Proceedings of the ACM Workshop on Computer Security Architecture, Fairfax, VA (pp. 63-69).","DOI":"10.1145\/1314466.1314477"},{"key":"jec.2012010102-22","doi-asserted-by":"crossref","unstructured":"Warner, J., & Atluri, V. (2006). Inter-instance authorization constraints for secure workflow management. In Proceedings of the Eleventh ACM Symposium on Access Control Models and Technologies, Lake Tahoe, CA (pp. 190-199).","DOI":"10.1145\/1133058.1133085"},{"key":"jec.2012010102-23","doi-asserted-by":"crossref","unstructured":"Zrelli, S., Medeni, T., & Shinoda, Y. (2007). Improving kerberos security system for cross-realm collaborative interactions: An innovative example of knowledge technology for evolving & verifiable e-society. In Proceedings of the International Conference on Research, Innovation and Vision for the Future (pp. 211-219).","DOI":"10.1109\/RIVF.2007.369159"}],"container-title":["International Journal of e-Collaboration"],"original-title":[],"language":"ng","link":[{"URL":"https:\/\/www.igi-global.com\/viewtitle.aspx?TitleId=61403","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,6,1]],"date-time":"2022-06-01T22:52:51Z","timestamp":1654123971000},"score":1,"resource":{"primary":{"URL":"https:\/\/services.igi-global.com\/resolvedoi\/resolve.aspx?doi=10.4018\/jec.2012010102"}},"subtitle":["An Engineering Approach"],"short-title":[],"issued":{"date-parts":[[2012,1,1]]},"references-count":24,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2012,1]]}},"URL":"https:\/\/doi.org\/10.4018\/jec.2012010102","relation":{},"ISSN":["1548-3673","1548-3681"],"issn-type":[{"value":"1548-3673","type":"print"},{"value":"1548-3681","type":"electronic"}],"subject":[],"published":{"date-parts":[[2012,1,1]]}}}