Novel Access Control Approach for Inter-organizational Workflows

Inter-organizational workflows have become increasingly used by companies to improve their productivity by sharing resources and activities. These systems have proven their effectiveness in several areas. However, the sensitivity of the exchanged data, push participating organizations to set authorization rules in order to protect their data and processes. At this level, the cohabitation of different security policies arises as a problematic issue. In fact, how can we combine different or even conflicting policies with regard to privacy preserving and collaboration objectives? In this paper, we propose a new Inter-Organizational Workflow Based Access Control (IOW-BAC) approach. Besides, we present a new algorithm to resolve potential detected conflicts occurring during the composition of the global Access Control policy. This algorithm is based on a set of important parameters which are organization's weight, object owner, task criticality and object sensitivity.