Enforcing Context-Sensitive Policies in Collaborative Business Environments
As enterprises seek to engage in increasingly rich and agile forms of collaboration, they are turning towards service-oriented architectures that enable them to selectively expose different levels of functionality to both existing and prospective business partners. This includes enforcing access control policies whose elements are tied to changing contractual relationships or to information obtained from external sources (e.g. ratings, credit worthiness, export restrictions, etc.). To ensure maximum openness, the authors argue that such sources of contextual information should themselves be represented as web services that can be identified and accessed on the fly, as required to enforce relevant policies.