Dynamic labelling to enforce conformance of cross domain security/privacy policies

Abstract

Conformance of declared security policies while traversing different sites has been a challenge for realizing work-flows on clouds that need to move from one cloud domain to another domain from the perspective of optimization of utilization. Such a possibility will enable optimization of communication and thereby realize the tenet of Utility Computing or Cloud computing. In this paper, we show how dynamic relabelling realized through the Readers-Writers Flow Model (RWFM) enables us to realize such an important property. We shall illustrate the modelling through an example wherein the privacy policies of two domains that permit each other have different security policies and show how, it is possible to realize a joint policy that is in conformance with both the domains. This enables us to inform the user when the privacy policy for which he has signed differs from the cross-site traversal and thereby assure him that his main privacy policy is preserved. If not, he can provide an explicit endorsement as long as that will not compromise the security policy of the main domain for which he has signed.