Abstract
Access to information systems across corporate boundaries with high demands to privacy and trust result into ambitious research and development targets. This study provides motivation and a roadmap for approaching integrated security management solutions in a business network of partners with heterogeneous ICT and security infrastructures. We aim at describing specifics of identity and access management in inter-organizational collaboration, and a vision and arguments for identity and access management in a business network. A case study with Metso Paper, Inc., the leading manufacturer of paper machinery and related services, validates the results, thus providing a motivating example of the possibilities of e-services.
Chapter PDF
Similar content being viewed by others
Keywords
- Service Oriented Architecture
- Enterprise Architecture
- Business Network
- Access Control Policy
- Access Control Model
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
S. Bajajet al. Web Services Federation Language 1.0. Specification (IBM, New York, 2003).
C. Britton, and P. Bye, IT, Architectures and Middleware (Addison-Wesley, Boston, 2004).
D. Ferraiolo, D. Kuhn, and R. Chandramouli, Role-Based Access Control (Artech House, Boston, 2003).
W. Hasselbring, Information system integration. Communications of the ACM 43(6), 32–38 (2000).
M. Hatala, T. Eap, and A. Shah, Federated Security: Lightweight Security Infrastructure for Object Repositories and Web Services, in: Proceedings of The International Conference on Next Generation Web Services Practices (NweSP’05). (IEEE, Piscataway, NJ, 2005).
J. Heikkilä, M. Heikkilä and J. Lehmonen, Sharing for Understanding and Doing for Learning: An Emerging Learning Business Network, The ICFAI Journal of Knowledge Management 3(1), 28–45 (2005).
D. Kienzle and C. Elder, Final Technical Report: Security Patterns for Web Application Development. (DARPA, Washington DC, 2002).
A. Lapkin, The Gartner Enterprise Architecture Framework ITXPO Symposium. (Gartner Inc, Stamford, CT, 2003).
Y. Lee, A Dynamic Virtual Organization Solution for Web-Services Based Grid Middleware, in: Proceedings of Sixteenth International Workshop on Database and Expert Systems Applications (IEEE, Piscataway, NJ, 2005).
Liberty Alliance Project web site, http://www.projectliberty.org/.
D. Linthicum, Next Generation Application Integration: From Simple Information to Web Services (Addison-Wesley, Boston, 2004).
META Group Inc, Enterprise Architecture, Desk Reference. (Metagroup, Stamford, CT, 2002).
The Open Group, The Open Group Architecture Framework (TOGAF) Version 7 “Technical Edition”, Version 8 “Enterprise Edition”. Document Nr 1911 (The Open Group, 2002). Accessed 13.01.2004 at http://www.opengroup.org/togaf/.
C. Perks and T. Beveridge, Guide to Enterprise IT Architecture (Springer, New York, 2003).
S. Rosenfeld, Industrial Strength Strategies: Regional Business Clusters and Public Policy (Aspen Institute, Washington, DC, 1995).
D. Russell and G. T. Gangemi, Computer Security Basics (O’Reilly & Associates, Sebastopol, CA, 1991).
M. Pulkkinen and A. Hirvonen, EA Planning, Development and Management Process for Agile Enterprise Development, in: Proceedings of the Thirty-Eighth Annual Hawaii International Conference on System Sciences. Big Island, Hawaii, 2005, edited by Sprague, R. H. Jr. (IEEE, Piscataway, NJ, 2005).
J. Pyötsiä, ICT opportunities and challenges for remote services, in: Proceedings of the 1st International IFIP/WG12.5 Working Conference on Industrial Applications of Semantic Web, August 25–28, 2005, Jyvaskyla, Finland (Springer, IFIP, Dordrecht, 2005), pp. 213–225.
OASIS Security Services TC, Security Assertion Markup Language (SAML) v2.0, http://www.oasis-open,org/committees/tc_home.php?wg_abbrev=security, (Oasis, Billerica, CA, 2006).
R. Shaikh, S. Rajput, S. Zaidi and K. Sharif, Comparative Analysis and Design Philosophy of Next Generation Unified Enterprise Application Security, in: Proceedings of The International Conference on Emerging Technologies (C@SE, Islamabad, 2005).
A. Weaver, Enforcing distributed data security via Web services, in: Proceedings. WFCS 2004 IEEE International Workshop on Factory Communication Systems, (IEEE, Piscataway, 2004).
OASIS-Open Org. Web Services Security SOAP Message Security 1.I (WS-Security 2004), OASIS Standard Specification (Oasis, Billerica, CA, 2006).
Witty, R., Allan, A., Enck, J., Wagner, R., Identity and Access Management Defined. Gartner Research Note SPA-21-3430 (Gartner Inc, Stamford, CT, 2003).
Witty, R., The Identity and Access Management Market Landscape, Gartner Research Note COM-21-4534, (Gartner Inc, Stamford, CT, 2003).
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 International Federation for Information Processing
About this paper
Cite this paper
Luostarinen, K., Naumenko, A., Pulkkinen, M. (2006). Identity and Access Management for Remote Maintenance Services in Business Networks. In: Suomi, R., Cabral, R., Hampe, J.F., Heikkilä, A., Järveläinen, J., Koskivaara, E. (eds) Project E-Society: Building Bricks. IFIP International Federation for Information Processing, vol 226. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-39229-5_1
Download citation
DOI: https://doi.org/10.1007/978-0-387-39229-5_1
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-39226-4
Online ISBN: 978-0-387-39229-5
eBook Packages: Computer ScienceComputer Science (R0)