2016 | OriginalPaper | Chapter

Data Governance and Transparency for Collaborative Systems

Authors: Rauf Mahmudlu, Jerry den Hartog, Nicola Zannone

Published in: Data and Applications Security and Privacy XXX

Publisher: Springer International Publishing

Abstract

As social networks, shared editing platforms and other collaborative systems are becoming increasingly popular, the demand for proper protection of the data created and used within these systems grows. Yet, existing access control mechanisms are not suited for the challenges imposed by collaborative systems. Two main challenges should be addressed: collaborative specification of permissions, while ensuring an appropriate level of control to the different parties involved, and enabling transparency in decision making in cases where the access requirements of these different parties are in conflict. In this paper we propose a data governance model for collaborative systems, which allows the integration of access requirements specified by different users based on their relation with a data object. We also study the practical feasibility of enabling transparency by comparing different deployment options for transparency in XACML.

Footnotes
1
Note that legal requirements can also define the relation between stakeholders. In the next section we will discuss how these requirements can be accommodated in the framework.
 
2
Although any combining algorithm can be used to combine user policies and archetype policies, the use of noncommutative algorithms can have undesired effects. In fact, these algorithms often represent a priority between policies based on their order (e.g., \(\mathsf{first{\text {-}}applicable}\) in XACML), whereas there is no order within an archetype or a level.
 
Metadata

Title: Data Governance and Transparency for Collaborative Systems
Authors: Rauf Mahmudlu, Jerry den Hartog, Nicola Zannone
Copyright Year: 2016
DOI: https://doi.org/10.1007/978-3-319-41483-6_15