Trust and privacy in attribute based access control for collaboration environments

Many efforts in the area of computer security have been drawn to attribute-based access control (ABAC). Compared to other up-to-date models, ABAC provides more granularity, scalability, and flexibility, which make it a valuable candidate for securing collaboration between organizations, especially over an open network such as the Internet. On the other hand, this model lacks provisions for trust and privacy issues, both of which are becoming increasingly critical, particularly in collaboration environments. Recently, we proposed a preliminary model to address this gap [1]. This paper further discusses and develops how trust and privacy can be incorporated into the previously introduced ABAC model. In addition, we propose a structure for an access control model that can cover most real-world access scenarios and schemes. The paper concludes with some remarks on the implementation of such models, along with possible future directions for the evolution of access control models in general.

[1] Günther Pernul, et al. A Privacy-Enhanced Attribute-Based Access Control System, 2007, DBSec.

[2] Seng-Phil Hong, et al. Access control in collaborative systems, 2005, CSUR.

[3] B. Nick Rossiter, et al. A task-based security model to facilitate collaboration in trusted multi-agency networks, 2002, SAC '02.

[4] Jan H. P. Eloff, et al. Virtual enterprise access control requirements, 2003.

[5] Frédéric Cuppens, et al. Organization based access control, 2003, Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks.

[6] Jian Zhu, et al. Attribute Based Access Control and Security for Collaboration Environments, 2008, 2008 IEEE National Aerospace and Electronics Conference.

[7] Heejo Lee, et al. A Flexible Trust-Based Access Control Mechanism for Security and Privacy Enhancement in Ubiquitous Systems, 2007, 2007 International Conference on Multimedia and Ubiquitous Engineering (MUE'07).

[8] Elisa Bertino, et al. Privacy Protection, 2022.

[9] Jérémy Briffaut, et al. Team-Based MAC Policy over Security-Enhanced Linux, 2008, 2008 Second International Conference on Emerging Security Information, Systems and Technologies.

[10] E. Damiani, et al. New paradigms for access control in open environments, 2005, Proceedings of the Fifth IEEE International Symposium on Signal Processing and Information Technology, 2005.

[11] Jian Zhu, et al. Security and Access Control for a Human-centric Collaborative Commerce System, 2006, International Symposium on Collaborative Technologies and Systems (CTS'06).

[12] Elisa Bertino, et al. Secure knowledge management: confidentiality, trust, and privacy, 2006, IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans.

[13] Ning Zhang, et al. A Purpose-Based Access Control Model, 2007.

[14] Yichun Liu, et al. Trust-Based Access Control for Collaborative System, 2008, 2008 ISECS International Colloquium on Computing, Communication, Control, and Management.

[15] Manoj R. Sastry, et al. A Contextual Attribute-Based Access Control Model, 2006, OTM Workshops.

[16] Anand R. Tripathi, et al. Static verification of security requirements in role based CSCW systems, 2003, SACMAT '03.

[17] David M. Eyers, et al. Using trust and risk in role-based access control policies, 2004, SACMAT '04.