Abstract
Balancing the competing goals of collaboration and security is a difficult, multidimensional problem. Collaborative systems often focus on building useful connections among people, tools, and information while security seeks to ensure the availability, confidentiality, and integrity of these same elements. In this article, we focus on one important dimension of this problem---access control. The article examines existing access control models as applied to collaboration, highlighting not only the benefits, but also the weaknesses of these models.
- Ahn, G.-J. and Sandhu, R. 2000. Role-based authorization constraints specification. ACM Trans. Inf. Syst. Secur. 3, 4 (Nov.). Google ScholarDigital Library
- Ahn, G.-J., Sandhu, R., Kang, M., and Park, J. 2000. Injecting RBAC to secure a Web-based workflow system. In Proceedings of 5th ACM Workshop on Role-Based Access Control. Berlin, Germany. Google ScholarDigital Library
- Ahn, G.-J., Shin, D., and Zhang, L. 2004. Role-based privilege management using attribute certificates and delegation. In International Conference on Trust and Privacy in Digital Business. Lecture Notes in Computer Science. Springer-Verlag.Google Scholar
- Ahn, G.-J., Zhang, L., Shin, D., and Chu, B. 2003. Authorization management for role-based collaboration. In IEEE International Conference on System, Man and Cybernetic. Washington, DC. 4128--4214.Google Scholar
- Bertino, E., Ferrari, E., and Atluri, V. 1999. Specification and enforcement of authorization constraints in workflow management systems. ACM Trans. Inf. Syst. Secur. 2, 1 (Feb.). Google ScholarDigital Library
- Bertino, E., Ferrari, E., and Bonatti, P. A. 2000. TRBAC: A temporal role-based access control model. In Proceedings of 5th ACM Workshop on Role-Based Access Control. Berlin, Germany. Google ScholarDigital Library
- Brothers, L., Sembugamoorthy, V., and Muller, M. 1990. Icicle: Groupware for code inspection. In ACM Conference on Computer-Supported Cooperative Work. Los Angeles, CA. 169--181. Google ScholarDigital Library
- Bullock, A. 1998. SPACE: Spatial access control for collaborative virtual environments. PhD. thesis, University of Notingham.Google Scholar
- Bullock, A. and Benford, S. 1999. An access control framework for multi-user collaborative environments. In ACM GROUP. Phoenix, AZ. Google ScholarDigital Library
- Coulouris, G., Dollimore, J., and B., R. 1998. Role and task-based access control in the perdis groupware platform. In Proceedings of 3rd ACM Workshop on Role-Based Access Control. Fairfax, VA. 115--121. Google ScholarDigital Library
- Covington, M., Long, W., Srinivasan, S., Dey, A., Ahamad, M., and Abowd, G. D. 2001. Securing context-aware applications using environment roles. In ACM Symposium on Access Control Model and Technology. Chantilly, VA. Google ScholarDigital Library
- Dewan, P. and Shen, H. 1998. Flexible meta-access control for collaborative applications. In ACM Conference on Computer-Supported Cooperative Work. Seattle, WA. Google ScholarDigital Library
- Edwards, W. K. 1996. Policies and roles in collaborative applications. In ACM Conference on Computer-Supported Cooperative Work. Cambridge, MA. Google ScholarDigital Library
- Ellis, C. A., Gibbs, S. J., and Rein, G. L. 1989. Design and use of a group editor. In International Federation for Information Processing Working Group 2.7, Working Conference on Engineering for Human-Computer Interaction. 13--28.Google Scholar
- Ferraiolo, D. and Barkley, J. 1997. Specifying and managing role-based access control within a corporate intranet. In Proceedings of 2nd ACM Workshop on Role-Based Access Control. Fairfax, VA. 77--82. Google ScholarDigital Library
- Ferraiolo, D. F., Barkley, J. F., and Kuhn, D. R. 1999. A role based access control model and reference implementation within a corporate intranet. ACM Trans. Inf. Syst. Secur. 2, 1 (Feb.). Google ScholarDigital Library
- Georgiadis, C. K., Mavridis, I., Pangalos, G., and Thomas, R. 2001. Flexible team-based access control using contexts. In ACM Symposium on Access Control Model and Technology. Chantilly, VA. Google ScholarDigital Library
- Grief, I. and Sarin, S. 1987. Data sharing in group work. ACM Trans. Inf. Syst. 5, 2 (April), 187--211. Google ScholarDigital Library
- Jaeger, T. 1999. On the increasing importance of constraints. In Proceedings of 4th ACM Workshop on Role-Based Access Control. Fairfax, VA. 33--42. Google ScholarDigital Library
- Jaeger, T. and Prakash, A. 1996. Requirements of role-based access control for collaborative systems. In ACM Role-based Access Control Workshop. Gaithersburg, MD. 53--64. Google ScholarDigital Library
- Kang, M. H., Park, J. S., and Froscher, J. N. 2001. Access control mechanisms for inter-organizational workflow. In ACM Symposium on Access Control Model and Technology. Chantilly, VA. Google ScholarDigital Library
- Kaplan, S., Tolone, W., D.P., B., and Bignoli, C. 1992. Flexible active support for collaborative work with conversation builder. In ACM Conference on Computer-Supported Cooperative Work. Toronto, Ontario, Canada. 378--385. Google ScholarDigital Library
- Lampson, B. 1971. Protection. In 5th Princeton Symposium on Information Science and Systems. 437--443. Reprinted in ACM Operat. Syst. Rev. 8,1, 18--24, 1974. Google ScholarDigital Library
- Neuwirth, C. M., Kaufer, D. S., Chandhok, R., and Morris, J. H. 1990. Issues in the design of computer support for co-authoring and commenting. In ACM Conference on Computer-Supported Cooperative Work. Los Angeles, CA. 183--195. Google ScholarDigital Library
- Park, J., Sandhu, R., and Ahn, G.-J. 2001. Role-based access control on the web. ACM Trans. Inf. Syst. Secur. 4, 1 (Feb.). Google ScholarDigital Library
- Sandhu, R. and Samarati, P. 1994. Access control: Principles and practice. IEEE Communications 32, 9, 40--48.Google ScholarDigital Library
- Sandhu, R. S., Coyne, E. J., Feinstein, H. L., and Youman, C. E. 1996. Role-based access control models. IEEE Computer 29, 2 (Feb.), 38--47. Google ScholarDigital Library
- Shen, H. and Dewan, P. 1992. Access control for collaborative environments. In ACM Conference on Computer-Supported Cooperative Work. Google ScholarDigital Library
- Shin, D., Ahn, G.-J., and Cho, S. 2002. Role-based EAM using x.509 attribute certificate. In Proceedings of 16th Annual International Federation for Information Processing Working Group 11.3, Working Conference on Data and Application Security. Cambridge, UK.Google Scholar
- Sikkel, K. 1997. A group-based authorization model for cooperative systems. In ACM Conference on Computer-Supported Cooperative Work. 345--360. Google ScholarDigital Library
- Sohlenkamp, M. and Chwelos, G. 1994. Integrating communication, cooperation, and awareness: The diva virtual office environment. In ACM Conference on Computer Supported Cooperative Work. Chapel Hill, NC. 331--343. Google ScholarDigital Library
- Thomas, R. 1997. Team-based access control (TMAC). In Proceedings of 2nd ACM Workshop on Role-Based Access Control. Fairfax, VA. 13--19. Google ScholarDigital Library
- Thomas, R. and Sandhu, R. 1997. Task-based authorization controls (TBAC): Models for active and enterprise-oriented authorization management. In Database Security XI: Status and Prospects, T. Y. Lin and X. Qian, Eds. North-Holland. Google ScholarDigital Library
- Thomas, R. and Sandhu, R. S. 1994. Conceptual foundations for a model of task-based authorizations. In Proceedings of 7th IEEE Computer Security Foundations Workshop. Franconia, NH. 66--79.Google Scholar
- Wang, W. 1999. Team-and-role-based organizational context and access control for cooperative hypermedia environments. In ACM Hypertext. Google ScholarDigital Library
- Yao, W., Moody, K., and Bacon, J. 2001. A model of oasis role-based access control and its support for active security. In ACM Symposium on Access Control Model and Technology. ACM. Chantilly, VA. Google ScholarDigital Library
- Zhang, L., Ahn, G.-J., and Chu, B. 2001. A rule-based framework for role-based delegation. In ACM Symposium on Access Control Model and Technology. Chantilly, VA. 153--162. Google ScholarDigital Library
- Zhang, L., Ahn, G.-J., and Chu, B. 2003. A rule-based framework for role-based delegation and revocation. ACM Trans. Inf. Syst. Secur. 6, 3 (Aug.). Google ScholarDigital Library
Index Terms
- Access control in collaborative systems
Recommendations
Annotation-based access control for collaborative information spaces
Web 2.0 social platforms (e.g., Flickr, YouTube) and Collaborative Working Environments (e.g., Microsoft SharePoint, BSCW) provide Web-based collaborative information spaces which enable common users and/or professionals to work together and share their ...
Security and Access Control for a Human-centric Collaborative Commerce System
CTS '06: Proceedings of the International Symposium on Collaborative Technologies and SystemsThe rise of globally distributed computer based workspaces has enabled the incorporation of collaboration in electronic commerce (e-Commerce) systems. Working in collaborative environments with e-Commerce technologies leads to the subject of ...
Dynamic access control administration for collaborative applications
ICCOMP'06: Proceedings of the 10th WSEAS international conference on ComputersToday's web-based collaborative applications need new approaches to overcome the shortcomings of classical access control. The limitations on administrative aspects of the existing security models and the requirements for more efficient management of ...
Comments