Self Protecting Data for De-perimeterised Information Sharing

The emergence of high-speed networks, Grid Computing, Service-Oriented Architectures, and an ever increasing ambient connection to mobile Internet has enabled an underpinning infrastructure for the development of dynamically formed, collaborative working groups known as Virtual Organizations (VOs). VOs provide strong motivation for investigation into the infrastructure, and in particular the security necessary to protect the information and resources shared within a VO, both while resident on local machines and when allowed to move beyond the secure boundary of a local organizational network perimeter and into the realm of the distributed VO. Traditional access control systems are perimeter-centric, meaning they apply the controls to both internal and external requests for access to information within or at the perimeter of their information system. This paper presents the initial results of the JISC funded SPIDER project, being led by Cardiff University. Through case based example, the research investigates the limitations to granularity and persistent control over information when using the perimeter-centric approach in a collaborative working environment.