Collaboration enables a set of partners to work together while sharing information, resources, and capabilities a controlled and accountable fashion. The partners themselves are organizations composed of people, departments, computational entities, and agents who perform tasks consistent with the internal rules of their organization. This paper presents a framework for managing some aspects of collab-orations, both within and across organizations, between agents and resources or services, while guaranteeing that these interactions are secure, efficient, and satisfy specified access constraints. It describes some current and planned activities in a joint project by the coauthors at Arizona State University and New York University. We view collaborative operations in terms of the direct interactions between computations and services. To support collaborative operations we will rely on several techniques, including transitive delegation, cryptographic file systems, capacity sandboxing, reverse sandboxing, and fine-grained access control. These techniques facilitate scalable authentication and revocable autho-rization of agent computations even when they span resources of different organizations. In addition, they improve overall efficiency by permitting migration of computations to, and caching of services in, partly trusted environments of another organization.
展开▼
