Sinnott, R.O., Doherty, T., Gray, N., and Lusted, J. (2009) Semantic security: specification and enforcement of semantic policies for security-driven collaborations. Studies in Health Technology and Informatics, 147, pp. 201-211.
Publisher's URL: http://www.iospress.nl/loadtop/load.php?isbn=shti
Collaborative research can often have demands on finer-grained security that go beyond the authentication-only paradigm as typified by many e-Infrastructure/Grid based solutions. Supporting finer-grained access control is often essential for domains where the specification and subsequent enforcement of authorization policies is needed. The clinical domain is one area in particular where this is so. However it is the case that existing security authorization solutions are fragile, inflexible and difficult to establish and maintain. As a result they often do not meet the needs of real world collaborations where robustness and flexibility of policy specification and enforcement, and ease of maintenance are essential. In this paper we present results of the JISC funded Advanced Grid Authorisation through Semantic Technologies (AGAST) project (www.nesc.ac.uk/hub/projects/agast) and show how semantic-based approaches to security policy specification and enforcement can address many of the limitations with existing security solutions. These are demonstrated into the clinical trials domain through the MRC funded Virtual Organisations for Trials and Epidemiological Studies (VOTES) project (www.nesc.ac.uk/hub/projects/votes) and the epidemiological domain through the JISC funded SeeGEO project (www.nesc.ac.uk/hub/projects/seegeo).
|Glasgow Author(s) Enlighten ID:||Gray, Dr Norman and Doherty, Mr Thomas and Sinnott, Professor Richard|
|Authors:||Sinnott, R.O., Doherty, T., Gray, N., and Lusted, J.|
|Subjects:||Q Science > QA Mathematics > QA75 Electronic computers. Computer science|
|College/School:||College of Science and Engineering > School of Physics and Astronomy|
University Services > IT Services > Computing Service
|Journal Name:||Studies in Health Technology and Informatics|
|Copyright Holders:||Copyright © 2009 IOS Press|
|First Published:||First published in Studies in Health Technology and Informatics 147:201-211|
|Publisher Policy:||Reproduced in accordance with the copyright policy of the publisher.|