Access control management in a distributed environment supporting dynamic collaboration

Subscribe (Full Service)


	Search: The ACM Digital Library The Guide

	Feedback

Access control management in a distributed environment supporting dynamic collaboration

Full text

Pdf (261 KB)

Source

Workshop On Digital Identity Management archive
Proceedings of the 2005 workshop on Digital identity management table of contents

Fairfax, VA, USA

SESSION: DIM frameworks table of contents

Pages: 104 - 112

Year of Publication: 2005

ISBN:1-59593-232-1

Authors

Basit Shafiq	Purdue University, West Lafayette, IN
Elisa Bertino	Purdue University, West Lafayette, IN
Arif Ghafoor	Purdue University, West Lafayette, IN

Sponsors

SIGSAC: ACM Special Interest Group on Security, Audit, and Control
ACM: Association for Computing Machinery

Publisher

ACM New York, NY, USA

Bibliometrics

Downloads (6 Weeks): 12, Downloads (12 Months): 108, Citation Count: 5

Additional Information:

abstract references cited by index terms collaborative colleagues

Tools and Actions:	Request Permissions Review this Article Save this Article to a Binder Display Formats: BibTeX EndNote ACM Ref

DOI Bookmark:	Use this link to bookmark this Article: http://doi.acm.org/10.1145/1102486.1102503 What is a DOI?

ABSTRACT

Ensuring secure and authorized access to remote services and information resources in a dynamic collaborative environment is a challenging task. Two major issues that need to be addressed in this regard are: specification of access control requirements and trust management. Specification of access control requirements for dynamic collaboration is challenging mainly because of the limited or lack of knowledge about remote users' identities and affiliations. The access control policies and constraints defining users' authorization over remote resources and services need to be specified in terms of the attributes and properties of the users. Moreover, the criteria for validating the attributes of the users should also be specified as part of access control requirements. Trust management, in the context of dynamic collaboration, involves validation of user's attributes for secure interaction and prevention of unauthorized disclosure of policies and attributes. The paper discusses these issues in detail and presents a framework for access control and trust management in a distributed collaborative environment.

REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

	1	James B. D. Joshi , Elisa Bertino , Usman Latif , Arif Ghafoor, A Generalized Temporal Role-Based Access Control Model, IEEE Transactions on Knowledge and Data Engineering, v.17 n.1, p.4-23, January 2005 [doi>10.1109/TKDE.2005.1]
	2	Tanvir Ahmed , Anand R. Tripathi, Policy-based design of secure distributed collaboration systems, University of Minnesota, Minneapolis, MN, 2004
	3	Grandison, T., and Sloman, M. A survey of trust in Internet applications. IEEE Communications Surveys, Fourth Quarter, 2000, 2--14.
	4	Alfarez Abdul-Rahman , Stephen Hailes, A distributed trust model, Proceedings of the 1997 workshop on New security paradigms, p.48-60, September 23-26, 1997, Langdale, Cumbria, United Kingdom [doi>10.1145/283699.283739]
	5	Rahman, A.-A. The PGP trust model. The Journal of Electronic Commerce, 1997.
	6	Cai-Nicolas Ziegler , Georg Lausen, Spreading Activation Models for Trust Propagation, Proceedings of the 2004 IEEE International Conference on e-Technology, e-Commerce and e-Service (EEE'04), p.83-97, March 28-31, 2004
	7	Mass, Y., and Shehory, O. Distributed trust in open multi-agent systems. Trust in Cyber Societies, LNAI, R. Falcone, M. Singh, and Y.-H Tan Edition, 2001, 159--173.
	8	Richardson, M., Agrawal, R., and Domingos, P. Trust management for the semantic web. In Proceedings of the International Semantic Web Conference, 2003.
	9	Ting Yu , Marianne Winslett, A Unified Scheme for Resource Protection in Automated Trust Negotiation, Proceedings of the 2003 IEEE Symposium on Security and Privacy, p.110, May 11-14, 2003
	10	Ting Yu , Marianne Winslett, Policy migration for sensitive credentials in trust negotiation, Proceedings of the 2003 ACM workshop on Privacy in the electronic society, October 30, 2003, Washington, DC [doi>10.1145/1005140.1005143]
	11	Winsborough, W., Li, N. Safety in automated trust negotiation, In Proceedings of the IEEE Symposium on Security and Privacy, 2004, 147--160.
	12	Seamons, K.E., Winslett, M., and Yu, T. Limiting the disclosure of access control policies during automated trust negotiation. In Proceedings of the Workshop on Privacy Enhancing Technologies, 2002.
	13	N. Li , W. Winsborough, Towards Practical Automated Trust Negotiation, Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02), p.92, June 05-07, 2002
	14	Ninghui Li , John C. Mitchell , William H. Winsborough, Design of a Role-Based Trust-Management Framework, Proceedings of the 2002 IEEE Symposium on Security and Privacy, p.114, May 12-15, 2002
	15	Lingyu Wang , Duminda Wijesekera , Sushil Jajodia, A logic-based framework for attribute based access control, Proceedings of the 2004 ACM workshop on Formal methods in security engineering, October 29-29, 2004, Washington DC, USA [doi>10.1145/1029133.1029140]
	16	Elisa Bertino , Elena Ferrari , Vijay Atluri, The specification and enforcement of authorization constraints in workflow management systems, ACM Transactions on Information and System Security (TISSEC), v.2 n.1, p.65-104, Feb. 1999 [doi>10.1145/300830.300837]
	17	JianJun Yu , Gang Zhou, Dynamic Web Service Invocation Based on UDDI, Proceedings of the E-Commerce Technology for Dynamic E-Business, IEEE International Conference on (CEC-East'04), p.154-157, September 13-15, 2004 [doi>10.1109/CEC-EAST.2004.35]
	18	Ravi S. Sandhu , Edward J. Coyne , Hal L. Feinstein , Charles E. Youman, Role-Based Access Control Models, Computer, v.29 n.2, p.38-47, February 1996 [doi>10.1109/2.485845]
	19	Rafae Bhatti , Arif Ghafoor , Elisa Bertino , James B. D. Joshi, X-GTRBAC: an XML-based policy specification framework and architecture for enterprise-wide access control, ACM Transactions on Information and System Security (TISSEC), v.8 n.2, p.187-227, May 2005 [doi>10.1145/1065545.1065547]
	20	OASIS XML-Based Security Services Technical Committee (SSTC). Security Assertion Markup Language (SAML). Technical Report, http://xml.coverpages.org/saml.html.
	21	Bhatti, R., Bertino, E., and Ghafoor, A. An integrated approach to federated identity and privilege management in open systems. Accepted for publication in the Communications of the ACM. Also available as CERIAS Technical Report TR 2005-42, https://www.cerias.purdue.edu/tools_and_resources/bibtex_archive/archive/2005-42.pdf.

CITED BY 5

	Samir Saklikar , Subir Saha, User privacy-preserving identity data dependencies, Proceedings of the second ACM workshop on Digital identity management, November 03-03, 2006, Alexandria, Virginia, USA
	Makoto Hatakeyama , Shigeyoshi Shima, Privilege federation between different user profiles for service federation, Proceedings of the 4th ACM workshop on Digital identity management, October 31-31, 2008, Alexandria, Virginia, USA
	Junzhou Luo , Xudong Ni, A clustering analysis and agent-based trust model in a grid environment supporting virtual organisations, International Journal of Web and Grid Services, v.5 n.1, p.3-16, March 2009
	Janice Warner , Soon Ae Chun, Semantic and pragmatic annotation for government information discovery, sharing and collaboration, Proceedings of the 10th Annual International Conference on Digital Government Research: Social Networks: Making Connections between Citizens, Data and Government, May 17-20, 2009
	Junzhou Luo , Xudong Ni , Jianming Yong, A trust degree based access control in grid environments, Information Sciences: an International Journal, v.179 n.15, p.2618-2628, July, 2009