Locale-based access control: placing collaborative authorization decisions in context
نویسندگان
چکیده
Collaboration systems require an appropriate uurhorizarion model to specifL and winrain policies that iiut only facilitate group activities but also enforce restrictions and uccountubility. Existing models fail to incorporate adequately into authorization decisions the rich notion of context rhut is inherent to any collaborative setting. In this paper we present the Locale-based Access Control (Locale-BA C) model for collaborative systems, a model whose design is based upon the.,application of Fitzparrick's Locule Framework for collabohion to the problem of access control. This model encapsulates the notion of context using locules, allowing for a nutural representation of collaborative authorization decisions.
منابع مشابه
Authorization models for secure information sharing: a survey and research agenda
This article presents a survey of authorization models and considers their 'fitness-for-purpose' in facilitating information sharing. Network-supported information sharing is an important technical capability that underpins collaboration in support of dynamic and unpredictable activities such as emergency response, national security, infrastructure protection, supply chain integration and emerg...
متن کاملCAMAC: a context-aware mandatory access control model
Mandatory access control models have traditionally been employed as a robust security mechanism in multilevel security environments such as military domains. In traditional mandatory models, the security classes associated with entities are context-insensitive. However, context-sensitivity of security classes and flexibility of access control mechanisms may be required especially in pervasive c...
متن کاملObligation for Role based Access Control
Role based access control has been widely used in security critical systems. Conventional role based access control is a passive model, which makes authorization decisions on requests, and the authorization decisions contain only information about whether the corresponding requests are authorised or not. One of the potential improvements for role based access control is the augmentation of obli...
متن کاملAccess control in ultra-large-scale systems using a data-centric middleware
The primary characteristic of an Ultra-Large-Scale (ULS) system is ultra-large size on any related dimension. A ULS system is generally considered as a system-of-systems with heterogeneous nodes and autonomous domains. As the size of a system-of-systems grows, and interoperability demand between sub-systems is increased, achieving more scalable and dynamic access control system becomes an im...
متن کاملTrust-Based Usage Control in Collaborative Environment
Most access control models have formal access control rules to govern the authorization of a request from a principal. In pervasive and collaborative environments, the behaviors of a principal are uncertain due to partial information. Moreover, the attributes of a principal, requested objects, and contexts of a request are mutable during the collaboration. A variety of such uncertainty and muta...
متن کامل