Semantic security: specification and enforcement of semantic policies for security-driven collaborations

Sinnott, R.O., Doherty, T., Gray, N. and Lusted, J. (2009) Semantic security: specification and enforcement of semantic policies for security-driven collaborations. Studies in Health Technology and Informatics, 147, pp. 201-211. (doi: 10.3233/978-1-60750-027-8-201)

[img] Text
7440.pdf

375kB

Publisher's URL: http://www.iospress.nl/loadtop/load.php?isbn=shti

Abstract

Collaborative research can often have demands on finer-grained security that go beyond the authentication-only paradigm as typified by many e-Infrastructure/Grid based solutions. Supporting finer-grained access control is often essential for domains where the specification and subsequent enforcement of authorization policies is needed. The clinical domain is one area in particular where this is so. However it is the case that existing security authorization solutions are fragile, inflexible and difficult to establish and maintain. As a result they often do not meet the needs of real world collaborations where robustness and flexibility of policy specification and enforcement, and ease of maintenance are essential. In this paper we present results of the JISC funded Advanced Grid Authorisation through Semantic Technologies (AGAST) project (www.nesc.ac.uk/hub/projects/agast) and show how semantic-based approaches to security policy specification and enforcement can address many of the limitations with existing security solutions. These are demonstrated into the clinical trials domain through the MRC funded Virtual Organisations for Trials and Epidemiological Studies (VOTES) project (www.nesc.ac.uk/hub/projects/votes) and the epidemiological domain through the JISC funded SeeGEO project (www.nesc.ac.uk/hub/projects/seegeo).

Item Type:Articles
Status:Published
Refereed:Yes
Glasgow Author(s) Enlighten ID:Gray, Dr Norman and Doherty, Mr Thomas and Sinnott, Professor Richard
Authors: Sinnott, R.O., Doherty, T., Gray, N., and Lusted, J.
Subjects:Q Science > QA Mathematics > QA75 Electronic computers. Computer science
College/School:College of Science and Engineering > School of Physics and Astronomy
University Services > IT Services > Computing Service
Journal Name:Studies in Health Technology and Informatics
Publisher:IOS Press
ISSN:0926-9630
Copyright Holders:Copyright © 2009 IOS Press
First Published:First published in Studies in Health Technology and Informatics 147:201-211
Publisher Policy:Reproduced in accordance with the copyright policy of the publisher.

University Staff: Request a correction | Enlighten Editors: Update this record