ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
An agreement centric access control mechanism for business to business e-commerce
Full text PdfPdf (556 KB)
Source Symposium on Applied Computing archive
Proceedings of the 2002 ACM symposium on Applied computing table of contents
Madrid, Spain
SESSION: Web and e-business application table of contents
Pages: 1160 - 1164  
Year of Publication: 2002
ISBN:1-58113-445-2
Author
Victoria Ungureanu  Rutgers University
Sponsor
SIGAPP: ACM Special Interest Group on Applied Computing
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 3,   Downloads (12 Months): 22,   Citation Count: 0
Additional Information:

abstract   references   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/508791.509017
What is a DOI?

ABSTRACT

We argue that matrix-based models are inadequate for regulating business to business (or B2B, for short) e-commerce due to the diversity, complexity and potential large number of commercial agreements that have to be supported. To deal with these issues, we propose in this paper an agreement-centric access control model. The paper introduces the concept of communication agreement (CAR) as a means for specifying contractual terms, and presents the CAR enforcement mechanism. We explore the expressive power of the model and show that it can implement regulations which cannot expressed using conventional mechanisms alone. The paper also describes a prototype implementation; the preliminary performance results indicate that the enforcement mechanism is quite affordable, even in its present, experimental stage.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

1
Serge Abiteboul , Victor Vianu , Brad Fordham , Yelena Yesha, Relational transducers for electronic commerce, Proceedings of the seventeenth ACM SIGACT-SIGMOD-SIGART symposium on Principles of database systems, p.179-187, June 01-04, 1998, Seattle, Washington, United States  [doi>10.1145/275487.275507]
 
2
X. Blanc, M. Geravis, and R. Le-Delliou. Using the UML language to express the ODP enterprise concepts. In Proceedings of the Third International Enterprise Distributed Object Computing (EDOC99) Conference, pages 50-59. IEEE, September 1999.
 
3
Matt Blaze , Joan Feigenbaum , John Ioannidis , Angelos D. Keromytis, The role of trust management in distributed systems security, Secure Internet programming: security issues for mobile and distributed objects, Springer-Verlag, London, 2001
 
4
W. W. W. Consortium. Jigsaw - the W3C's web server. website:http://www.w3.org/Jigsaw/.
 
5
Economist. E-commerce (a survey). pages 6-54. (The February 26th 2000 issue).
 
6
Economist. Riding the storm, pages 63-64. (November 6th 1999 issue).
7
Benjamin N. Grosof , Yannis Labrou , Hoi Y. Chan, A declarative approach to business rules in contracts: courteous logic programs in XML, Proceedings of the 1st ACM conference on Electronic commerce, p.68-77, November 03-05, 1999, Denver, Colorado, United States  [doi>10.1145/336992.337010]
 
8
An http extension framework. Technical report. available from http://www.w3.org/Protocols/HTTP/ietf-http-ext/
9
Sushil Jajodia , Pierangela Samarati , V. S. Subrahmanian , Eliza Bertino, A unified framework for enforcing multiple access control policies, Proceedings of the 1997 ACM SIGMOD international conference on Management of data, p.474-485, May 11-15, 1997, Tucson, Arizona, United States
10
James B. D. Joshi , Walid G. Aref , Arif Ghafoor , Eugene H. Spafford, Security models for web-based applications, Communications of the ACM, v.44 n.2, p.38-44, Feb. 2001  [doi>10.1145/359205.359224]
 
11
L. Lamport. How to make a multiprocessor computer that correctly executes multiprocess programs. IEEE Transactions on Computers, C-28:690-691, Sept. 1979.
12
Butler W. Lampson, Protection, ACM SIGOPS Operating Systems Review, v.8 n.1, p.18-24, January 1974  [doi>10.1145/775265.775268]
 
13
Roland Martin Roscheisen , Terry Winograd, A network-centric design for relationship-based rights management, 1998
 
14
Martin Roscheisen , Terry Winograd, A Communication Agreement Framework for Access/Action Control, Proceedings of the 1996 IEEE Symposium on Security and Privacy, p.154, May 06-08, 1996
 
15
XML Schema. Technical report, World Wide Web Consortium, website: http://www.w3.org/XML/Schema.
 
16
Andrew S. Tanenbaum, Modern operating systems, Prentice-Hall, Inc., Upper Saddle River, NJ, 1992
 
17
Jeffrey D. Ullman, Principles of database and knowledge-base systems, Vol. I, Computer Science Press, Inc., New York, NY, 1988
 
18
Victoria Ungureanu , Naftaly H. Minsky, Establishing Business Rules for Inter-Enterprise Electronic Commerce, Proceedings of the 14th International Conference on Distributed Computing, p.179-193, October 04-06, 2000
 
19
Extensible markup language (XML 1.0. Technical report, World Wide Web Consortium. website: http://www.w3.org/TR/REC-xml/.

INDEX TERMS

Primary Classification:
  K. Computing Milieux
  K.4 COMPUTERS AND SOCIETY
      K.4.4 Electronic Commerce
          Subjects: Security

Additional Classification:
  D. Software
  D.4 OPERATING SYSTEMS
      D.4.6 Security and Protection
          Subjects: Access controls


General Terms:
Algorithms, Design, Security, Theory

Collaborative Colleagues:
Victoria Ungureanu: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player