Abstract. A Virtual Organisation (VO) is a temporary alliance of autonomous, diverse, and geographically dispersed organisations, where the participants pool resources, information and knowledge in order to meet common objectives. This requires dynamic security policy management. We propose an authorisation policy management model called recognition of authority (ROA) which allows dynamically trusted authorities to adjust the authorisation policies for VO resources. The model supports dynamic delegation of authority, and the expansion and contraction of organizations in a VO, so that the underlying authorisation system is able to use existing user credentials issued by participating organisations to evaluate the user’s access rights to VO resources.
Tuan-Anh Nguyen, David W. Chadwick, Bassem Nasser