Section: New Results

A model to secure collaborative resources within Enterprise Social Networks

Participants : Ahmed Bouchami, Olivier Perrin.

Enterprise social networks (ESN) are collaborative environments that raise major challenges to secure them. In his thesis [2], Ahmed Bouchami addressed the problem of authentication of digital identities within collaborative communities. He proposed an interoperable architecture for managing federated authentication, thus allowing each enterprise to preserve its (own) authentication mechanism and each principal to perform a single sign on authentication regarding different enterprises. He also proposed access control management. His flexible access control model is based on a set of identity attributes, and a formal language based on temporal logic. This model allows for checking the consistency of the policies defined. with the model.

Last, the access control system offers the ability to control the user-centric sharing policies through policies based on a risk management mechanism, which makes the access control mechanism dynamic. The risk mechanism is based on the NIST’s risk definition with an alignment with a set of parameters that include access control in the ESN context. More precisely, the dynamic risk management includes, the collaborative resource’s importance, the authentication system’s vulnerabilities and trust level reflected through the behavior of each collaborative actor. On this latter aspect of trust, a reputation score is computed using the history of collaborative interactions of each subject of the collaborative environment. Finally, a prototype is available and was demonstrated within the OpenPaaS ESN project.