| The need for coalition access control among individuals and organizations has increased significantly in the past years as the need for spontaneous access to information increases. However, a significant deterrent to the ability to connect in a spontaneous manner in coalition collaborative applications is the difficulty in users from different domains being able to access resources or services located and owned by other entities. Coalition access control encompasses control mechanisms dealing with access between users of two or more different organizations or enterprises. These users could be co-located or remotely located.; The thesis first presents a delegation based D-TMAC model that extends traditional TMAC across organizations for formal coalition environments, and a context-based coalition access control model, which apply context information as conditions on delegation. Then the thesis proposes a Session-based Coalition Access Control Architecture (SCACA) and provides practical implementation that enables dynamic coalition access control over a communication session in a spontaneous manner. The presented system architecture and methodology leverages the IETF SIP protocol as an underlying communication mechanism in order to greatly minimize the administration overhead and rapidly adapt the dynamic nature of access control in spontaneous coalition environments.; The result is that, during a spontaneous coalition communication across organizations, every endpoint can access other endpoints' resources and share its own resources to all the other endpoints as well. Moreover, these privileges will dynamically change as the status of the coalition communication changes. |
