Authors:
Oliver Gmelch
and
Günther Pernul
Affiliation:
University of Regensburg, Germany
Keyword(s):
Inter-portlet communication, Portal servers, Security policies.
Related
Ontology
Subjects/Areas/Topics:
Information and Systems Security
;
Security and Privacy Policies
;
Security in Distributed Systems
Abstract:
In a “networked enterprise”, distributed teams of partner organizations, humans, computer applications, autonomous robots, and devices are interlinked to collaborate with each other in order to achieve higher productivity and to perform joint projects or produce joint products that would have been impossible to develop without the contributions of multiple collaborators. Within a collaboration, security aspects are of critical importance. This is in particular true for loosely coupled collaborations in which individual members of one alliance are working with each other within a certain project only, but may be competitors in other market fields at the same time. Going beyond the current state of the art in portal-based collaboration platforms, this paper presents an approach to prevent unintended information disclosure by malicious portlet instances. The solution is built on open standards (JSR 286 and XACML) and may be incorporated in collaboration-wide enterprise portals in order
to regulate information flow during inter-portlet communication.
(More)