Attribute Based Access Control and Security for Collaboration Environments

Proliferation of collaboration environments brings new issues to the area of security. In this paper, we briefly describe the characteristics of security associated with collaboration environments. We also discuss and analyze several schemes in different areas of security, including access control, secure group communication, and security management. Another contribution of this paper is a proposed access control model with more flexibility and ability to address trust and privacy preserving issues based on attributes.

[1]  Yuh-Min Chen,et al.  Development of an access control model, system architecture and approaches for resource sharing in virtual enterprise , 2007, Comput. Ind..

[2]  Elisa Bertino,et al.  Secure knowledge management: confidentiality, trust, and privacy , 2006, IEEE Transactions on Systems, Man, and Cybernetics - Part A: Systems and Humans.

[3]  B. Nick Rossiter,et al.  A task-based security model to facilitate collaboration in trusted multi-agency networks , 2002, SAC '02.

[4]  Gene Tsudik,et al.  Secure spread: an integrated architecture for secure group communication , 2005, IEEE Transactions on Dependable and Secure Computing.

[5]  Roshan K. Thomas,et al.  Team-based access control (TMAC): a primitive for applying role-based access controls in collaborative environments , 1997, RBAC '97.

[6]  Jérémy Briffaut,et al.  Team­-Based MAC Policy over Security-­Enhanced Linux , 2008, 2008 Second International Conference on Emerging Security Information, Systems and Technologies.

[7]  Gerardine DeSanctis,et al.  A foundation for the study of group decision support systems , 1987 .

[8]  Ravi Sandhu,et al.  Secure attribute services on the web , 1999 .

[9]  Günther Pernul,et al.  A Privacy-Enhanced Attribute-Based Access Control System , 2007, DBSec.

[10]  Steve Benford,et al.  An access control framework for multi-user collaborative environments , 1999, GROUP.

[11]  Gail-Joon Ahn,et al.  Role-based Trust Assignment in Trust Management Systems , 2004, PDCS.

[12]  Roshan K. Thomas,et al.  Flexible team-based access control using contexts , 2001, SACMAT '01.

[13]  Frédéric Cuppens,et al.  Organization based access control , 2003, Proceedings POLICY 2003. IEEE 4th International Workshop on Policies for Distributed Systems and Networks.

[14]  Manoj R. Sastry,et al.  A Contextual Attribute-Based Access Control Model , 2006, OTM Workshops.

[15]  Konstantinos Psounis,et al.  Active networks: Applications, security, safety, and architectures , 1999, IEEE Communications Surveys & Tutorials.

[16]  E. Damiani,et al.  New paradigms for access control in open environments , 2005, Proceedings of the Fifth IEEE International Symposium on Signal Processing and Information Technology, 2005..

[17]  Anand R. Tripathi,et al.  Static verification of security requirements in role based CSCW systems , 2003, SACMAT '03.

[18]  Prasun Dewan,et al.  Access control for collaborative environments , 1992, CSCW '92.

[19]  Jian Zhu,et al.  Security and Access Control for a Human-centric Collaborative Commerce System , 2006, International Symposium on Collaborative Technologies and Systems (CTS'06).

[20]  Ning Zhang,et al.  A Purpose-Based Access Control Model , 2007 .

[21]  Yong Chen,et al.  Using Trust for Secure Collaboration in Uncertain Environments , 2003, IEEE Pervasive Comput..

[22]  Paul Helman,et al.  An immunological approach to change detection: algorithms, analysis and implications , 1996, Proceedings 1996 IEEE Symposium on Security and Privacy.

[23]  Ravi S. Sandhu,et al.  Task-Based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-Oriented Autorization Management , 1997, DBSec.