ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Access control in collaborative systems
Full text PdfPdf (247 KB)
Source ACM Computing Surveys (CSUR) archive
Volume 37 ,  Issue 1  (March 2005) table of contents
Pages: 29 - 41  
Year of Publication: 2005
ISSN:0360-0300
Authors
William Tolone  University of North Carolina at Charlotte, Charlotte, NC
Gail-Joon Ahn  University of North Carolina at Charlotte, Charlotte, NC
Tanusree Pai  University of North Carolina at Charlotte, Charlotte, NC
Seng-Phil Hong  Information and Communications University, Taejon, Korea
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 87,   Downloads (12 Months): 602,   Citation Count: 14
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1057977.1057979
What is a DOI?

ABSTRACT

Balancing the competing goals of collaboration and security is a difficult, multidimensional problem. Collaborative systems often focus on building useful connections among people, tools, and information while security seeks to ensure the availability, confidentiality, and integrity of these same elements. In this article, we focus on one important dimension of this problem---access control. The article examines existing access control models as applied to collaboration, highlighting not only the benefits, but also the weaknesses of these models.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

1
Gail-Joon Ahn , Ravi Sandhu, Role-based authorization constraints specification, ACM Transactions on Information and System Security (TISSEC), v.3 n.4, p.207-226, Nov. 2000  [doi>10.1145/382912.382913]
2
Gail-Joon Ahn , Ravi Sandhu , Myong Kang , Joon Park, Injecting RBAC to secure a Web-based workflow system, Proceedings of the fifth ACM workshop on Role-based access control, p.1-10, July 26-28, 2000, Berlin, Germany  [doi>10.1145/344287.344295]
 
3
Ahn, G.-J., Shin, D., and Zhang, L. 2004. Role-based privilege management using attribute certificates and delegation. In International Conference on Trust and Privacy in Digital Business. Lecture Notes in Computer Science. Springer-Verlag.
 
4
Ahn, G.-J., Zhang, L., Shin, D., and Chu, B. 2003. Authorization management for role-based collaboration. In IEEE International Conference on System, Man and Cybernetic. Washington, DC. 4128--4214.
5
Elisa Bertino , Elena Ferrari , Vijay Atluri, The specification and enforcement of authorization constraints in workflow management systems, ACM Transactions on Information and System Security (TISSEC), v.2 n.1, p.65-104, Feb. 1999  [doi>10.1145/300830.300837]
6
Elisa Bertino , Piero Andrea Bonatti , Elena Ferrari, TRBAC: a temporal role-based access control model, Proceedings of the fifth ACM workshop on Role-based access control, p.21-30, July 26-28, 2000, Berlin, Germany  [doi>10.1145/344287.344298]
7
L. Brothers , V. Sembugamoorthy , M. Muller, ICICLE: groupware for code inspection, Proceedings of the 1990 ACM conference on Computer-supported cooperative work, p.169-181, October 07-10, 1990, Los Angeles, California, United States  [doi>10.1145/99332.99353]
 
8
Bullock, A. 1998. SPACE: Spatial access control for collaborative virtual environments. PhD. thesis, University of Notingham.
9
Adrian Bullock , Steve Benford, An access control framework for multi-user collaborative environments, Proceedings of the international ACM SIGGROUP conference on Supporting group work, p.140-149, November 14-17, 1999, Phoenix, Arizona, United States  [doi>10.1145/320297.320313]
10
George Coulouris , Jean Dollimore , Marcus Roberts, Role and task-based access control in the PerDiS groupware platform, Proceedings of the third ACM workshop on Role-based access control, p.115-121, October 22-23, 1998, Fairfax, Virginia, United States  [doi>10.1145/286884.286908]
11
Michael J. Covington , Wende Long , Srividhya Srinivasan , Anind K. Dev , Mustaque Ahamad , Gregory D. Abowd, Securing context-aware applications using environment roles, Proceedings of the sixth ACM symposium on Access control models and technologies, p.10-20, May 2001, Chantilly, Virginia, United States  [doi>10.1145/373256.373258]
12
Prasun Dewan , HongHai Shen, Flexible meta access-control for collaborative applications, Proceedings of the 1998 ACM conference on Computer supported cooperative work, p.247-256, November 14-18, 1998, Seattle, Washington, United States  [doi>10.1145/289444.289499]
13
W. Keith Edwards, Policies and roles in collaborative applications, Proceedings of the 1996 ACM conference on Computer supported cooperative work, p.11-20, November 16-20, 1996, Boston, Massachusetts, United States  [doi>10.1145/240080.240175]
 
14
Ellis, C. A., Gibbs, S. J., and Rein, G. L. 1989. Design and use of a group editor. In International Federation for Information Processing Working Group 2.7, Working Conference on Engineering for Human-Computer Interaction. 13--28.
15
David Ferraiolo , John Barkley, Specifying and managing role-based access control within a corporate intranet, Proceedings of the second ACM workshop on Role-based access control, p.77-82, November 06-07, 1997, Fairfax, Virginia, United States  [doi>10.1145/266741.266761]
16
David F. Ferraiolo , John F. Barkley , D. Richard Kuhn, A role-based access control model and reference implementation within a corporate intranet, ACM Transactions on Information and System Security (TISSEC), v.2 n.1, p.34-64, Feb. 1999  [doi>10.1145/300830.300834]
17
Christos K. Georgiadis , Ioannis Mavridis , George Pangalos , Roshan K. Thomas, Flexible team-based access control using contexts, Proceedings of the sixth ACM symposium on Access control models and technologies, p.21-27, May 2001, Chantilly, Virginia, United States  [doi>10.1145/373256.373259]
18
Irene Greif , Sunil Sarin, Data sharing in group work, ACM Transactions on Information Systems (TOIS), v.5 n.2, p.187-211, April 1987  [doi>10.1145/27636.27640]
19
Trent Jaeger, On the increasing importance of constraints, Proceedings of the fourth ACM workshop on Role-based access control, p.33-42, October 28-29, 1999, Fairfax, Virginia, United States  [doi>10.1145/319171.319175]
20
Trent Jaeger , Atul Prakash, Requirements of role-based access control for collaborative systems, Proceedings of the first ACM Workshop on Role-based access control, p.16-es, November 30-December 02, 1995, Gaithersburg, Maryland, United States  [doi>10.1145/270152.270183]
21
Myong H. Kang , Joon S. Park , Judith N. Froscher, Access control mechanisms for inter-organizational workflow, Proceedings of the sixth ACM symposium on Access control models and technologies, p.66-74, May 2001, Chantilly, Virginia, United States  [doi>10.1145/373256.373266]
22
Simon M. Kaplan , William J. Tolone , Douglas P. Bogia , Celsina Bignoli, Flexible, active support for collaborative work with ConversationBuilder, Proceedings of the 1992 ACM conference on Computer-supported cooperative work, p.378-385, November 01-04, 1992, Toronto, Ontario, Canada  [doi>10.1145/143457.143552]
23
Butler W. Lampson, Protection, ACM SIGOPS Operating Systems Review, v.8 n.1, p.18-24, January 1974  [doi>10.1145/775265.775268]
24
Christine M. Neuwirth , David S. Kaufer , Ravinder Chandhok , James H. Morris, Issues in the design of computer support for co-authoring and commenting, Proceedings of the 1990 ACM conference on Computer-supported cooperative work, p.183-195, October 07-10, 1990, Los Angeles, California, United States  [doi>10.1145/99332.99354]
25
Joon S. Park , Ravi Sandhu , Gail-Joon Ahn, Role-based access control on the web, ACM Transactions on Information and System Security (TISSEC), v.4 n.1, p.37-71, Feb. 2001  [doi>10.1145/383775.383777]
 
26
Sandhu, R. and Samarati, P. 1994. Access control: Principles and practice. IEEE Communications 32, 9, 40--48.
 
27
Ravi S. Sandhu , Edward J. Coyne , Hal L. Feinstein , Charles E. Youman, Role-Based Access Control Models, Computer, v.29 n.2, p.38-47, February 1996  [doi>10.1109/2.485845]
28
HongHai Shen , Prasun Dewan, Access control for collaborative environments, Proceedings of the 1992 ACM conference on Computer-supported cooperative work, p.51-58, November 01-04, 1992, Toronto, Ontario, Canada  [doi>10.1145/143457.143461]
 
29
Shin, D., Ahn, G.-J., and Cho, S. 2002. Role-based EAM using x.509 attribute certificate. In Proceedings of 16th Annual International Federation for Information Processing Working Group 11.3, Working Conference on Data and Application Security. Cambridge, UK.
 
30
Sikkel, K. 1997. A group-based authorization model for cooperative systems. In ACM Conference on Computer-Supported Cooperative Work. 345--360.
31
Markus Sohlenkamp , Greg Chwelos, Integrating communication, cooperation, and awareness: the DIVA virtual office environment, Proceedings of the 1994 ACM conference on Computer supported cooperative work, p.331-343, October 22-26, 1994, Chapel Hill, North Carolina, United States  [doi>10.1145/192844.193041]
32
Roshan K. Thomas, Team-based access control (TMAC): a primitive for applying role-based access controls in collaborative environments, Proceedings of the second ACM workshop on Role-based access control, p.13-19, November 06-07, 1997, Fairfax, Virginia, United States  [doi>10.1145/266741.266748]
 
33
Roshan K. Thomas , Ravi S. Sandhu, Task-Based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-Oriented Autorization Management, Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects, p.166-181, August 10-13, 1997
 
34
Thomas, R. and Sandhu, R. S. 1994. Conceptual foundations for a model of task-based authorizations. In Proceedings of 7th IEEE Computer Security Foundations Workshop. Franconia, NH. 66--79.
35
Weigang Wang, Team-and-role-based organizational context and access control for cooperative hypermedia environments, Proceedings of the tenth ACM Conference on Hypertext and hypermedia : returning to our diverse roots: returning to our diverse roots, p.37-46, February 21-25, 1999, Darmstadt, Germany  [doi>10.1145/294469.294480]
36
Walt Yao , Ken Moody , Jean Bacon, A model of OASIS role-based access control and its support for active security, Proceedings of the sixth ACM symposium on Access control models and technologies, p.171-181, May 2001, Chantilly, Virginia, United States  [doi>10.1145/373256.373294]
37
Longhua Zhang , Gail-Joon Ahn , Bei-Tseng Chu, A rule-based framework for role based delegation, Proceedings of the sixth ACM symposium on Access control models and technologies, p.153-162, May 2001, Chantilly, Virginia, United States  [doi>10.1145/373256.373289]
38
Longhua Zhang , Gail-Joon Ahn , Bei-Tseng Chu, A rule-based framework for role-based delegation and revocation, ACM Transactions on Information and System Security (TISSEC), v.6 n.3, p.404-441, August 2003  [doi>10.1145/937527.937530]

CITED BY  14
Anand V. Hudli , Balasubrahmanya Shivaradhya , Raghu V. Hudli, Level-4 SaaS applications for healthcare industry, Proceedings of the 2nd Bangalore Annual Compute Conference on 2nd Bangalore Annual Compute Conference, January 09-10, 2009, Bangalore, India
 
Erik Wilde , Sai Anand , Thierry Bucheler , Max Jorg , Nick Nabholz , Petra Zimmermann, Collaboration support for bibliographic data, International Journal of Web Based Communities, v.4 n.1, p.98-109, January 2008
Vijayant Dhankhar , Saket Kaushik , Duminda Wijesekera , Anil Nerode, Evaluating distributed xacml policies, Proceedings of the 2007 ACM workshop on Secure web services, November 02-02, 2007, Fairfax, Virginia, USA
He Wang , Sylvia L. Osborn, Delegation in the role graph model, Proceedings of the eleventh ACM symposium on Access control models and technologies, June 07-09, 2006, Lake Tahoe, California, USA
Lior Berry , Lyn Bartram , Kellogg S. Booth, Role-based control of shared application views, Proceedings of the 18th annual ACM symposium on User interface software and technology, October 23-26, 2005, Seattle, WA, USA
 
F. L. Gutiérrez Vela , J. L. Isla Montes , P. Paderewski Rodríguez , M. Sánchez Román , B. Jiménez Valverde, An architecture for access control management in collaborative enterprise systems based on organization models, Science of Computer Programming, v.66 n.1, p.44-59, April, 2007
 
Esther Palomar , Juan M. E. Tapiador , Julio C. Hernandez-Castro , Arturo Ribagorda, Secure content access and replication in pure P2P networks, Computer Communications, v.31 n.2, p.266-279, February, 2008
Xinwen Zhang , Masayuki Nakae , Michael J. Covington , Ravi Sandhu, A usage-based authorization framework for collaborative computing systems, Proceedings of the eleventh ACM symposium on Access control models and technologies, June 07-09, 2006, Lake Tahoe, California, USA
 
Quan Pham , Jason Reid , Adrian McCullagh , Ed Dawson, Commitment issues in delegation process, Proceedings of the sixth Australasian conference on Information security, January 01-01, 2008, Wollongong, NSW, Australia
Steve Barker, Access control by action control, Proceedings of the 13th ACM symposium on Access control models and technologies, June 11-13, 2008, Estes Park, CO, USA
 
Mahalingam Ramkumar , Nasir Memon, Secure collaborations over message boards, International Journal of Security and Networks, v.1 n.1/2, p.113-124, September 2006
Fengjun Li , Bo Luo , Peng Liu , Dongwon Lee , Chao-Hsien Chu, Automaton segmentation: a new approach to preserve privacy in xml information brokering, Proceedings of the 14th ACM conference on Computer and communications security, October 28-31, 2007, Alexandria, Virginia, USA
 
Ioannis Mavridis , Andreas Mattas , Ioannis Pagkalos , Isabella Kotini , Christos Ilioudis, Supporting dynamic administration of RBAC in web-based collaborative applications during run-time, International Journal of Information and Computer Security, v.2 n.4, p.328-352, January 2009
Xinwen Zhang , Masayuki Nakae , Michael J. Covington , Ravi Sandhu, Toward a Usage-Based Security Framework for Collaborative Computing Systems, ACM Transactions on Information and System Security (TISSEC), v.11 n.1, p.1-36, February 2008

INDEX TERMS

Primary Classification:
  K. Computing Milieux
  K.6 MANAGEMENT OF COMPUTING AND INFORMATION SYSTEMS
      K.6.5 Security and Protection (D.4.6, K.4.2)


General Terms:
Management, Security


Keywords:
Access control, collaboration, security models

Collaborative Colleagues:
William Tolone: colleagues
Gail-Joon Ahn: colleagues
Tanusree Pai: colleagues
Seng-Phil Hong: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player