This article includes a list of references, but its sources remain unclear because it has insufficient inline citations. (July 2014) (Learn how and when to remove this template message)
This article relies too much on references to primary sources. (July 2014) (Learn how and when to remove this template message)
Collaboration Oriented Architecture (COA) is a computer system that is designed to collaborate, or use services, from systems that are outside of the operators control. Collaboration Oriented Architecture will often use Service Oriented Architecture to deliver the technical framework.
Bill Gates and Craig Mundie (Microsoft)  clearly articulated the need for people to work outside of their organizations in a secure and collaborative manner in their opening keynote to the RSA Security Conference in February 2007.
Successful implementation of a Collaboration Oriented Architecture implies the ability to successfully inter-work securely over the Internet and will typically mean the resolution of the problems that come with de-perimeterisation.
Origin of the term
Definition of a Collaboration Oriented Architecture
The key elements that qualify a security architecture as a Collaboration Oriented Architecture are as follows;
- Protocol: Systems use appropriately secure protocols to communicate.
- Authentication: The protocol is authenticated with user and/or system credentials.
- Federation: User and/or systems credentials are accepted and validated by systems that are not under your (locus of) control.
- Network Agnostic: The design does not rely on a secure network, thus it will operate securely from an Intranet to raw-Internet
- Trust: The collaborating system have the capacity to be able to confirm to a specified degree of confidence that the components in a transaction chain have.
- Risk: The collaborating systems can make a risk assessment on any transaction based on the communicated levels of required trust, based on the required degree of identity, confidentiality, integrity, availability.
Authentication in a Collaboration Oriented Architecture
Working in a collaborative multi-sourced environment implies the need for authentication, authorization and accountability which must interoperate / exchange outside of your locus / area of control.
- People/systems must be able to manage permissions of resources and rights of users they don't control
- There must be capability of trusting an organization, which can authenticate individuals or groups, thus eliminating the need to create separate identities
- In principle, only one instance of person / system / identity may exist, but privacy necessitates the support for multiple instances, or one instance with multiple facets, often referred to s personas
- Systems must be able to pass on security credentials /assertions
- Multiple loci (areas) of control must be supported
- Jericho Forum, "Commandments", Jericho Forum Commandments Archived 26 July 2011 at the Wayback Machine, May 2007.
- Bill Gates, Craig Mundie: RSA Conference 2007. Transcript of keynote discussion between Microsoft Chairman Bill Gates and Chief Research & Strategy
- Bill Gates Webcast, Bill Gates and Craig Mundie Keynote at RSA Conference 2007: Advancing Trust in Today’s Connected World
- "Forensics and Incident Response". www.peerlyst.com. Retrieved 23 May 2016.
- Jericho Forum Commandment #8 Archived 26 July 2011 at the Wayback Machine