Pablo Galiasso, Mauricio Papa & Sujeet Shenoi
Washington State University

Keywords: information enclaves, authorization policy, access control, mediators

Coordinating security policies in information enclaves is challenging due to their heterogeneity and autonomy. Administrators must reconcile the semantic diversity of data and security models before negotiating secure interoperation. This paper proposes an architecture that uses mediators and a primitive ticket-based authorization model to manage disparate policies in loosely coupled information system federations. The formal foundation of the architecture facilitates static and dynamic analysis of global consistency and policy enforcement.