Collaborative Working Environments (CWEs) are getting prominence these days. With the increase in the use of collaboration tools and technologies, a lot of sharing and privacy issues have also emerged. Due to its dynamic nature, a CWE needs to adapt the changes into accordingly. In this paper, we have implemented the Adaptive Dynamic Sharing and Privacy-aware Role Based Access Control (Adaptive...

Web services can be composed of other services in a highly dynamic manner. The existing role based authorization approaches have not adequately taken component services into account when managing access control for composite services. In this paper, we propose a service oriented conceptual model as an extension of role based access control that can facilitate the administration and management o...

Models of Access Control Policies specified with graphs and graph transformation rules combine an intuitive visual representation with solid semantical foundations. While the expressive power of graph transformations leads in general to undecidable models, we prove that it is possible, with reasonable restrictions on the form of the rules, to obtain access control models where safety is decidab...

The effectiveness of an enterprise access control framework depends upon the integrity of the various components or the building blocks used in that framework. The essential components of that framework are: (a) an Enterprise Access Control Model (b) a Validation mechanism to verify the enterprise access control data developed based on that model, for conformance to the model as well as domain-...

Work on Role Based Access Control (RBAC) has emerged as the principle type of access control model in theory and practice. RBAC has frequently been criticized for the difficulty of setting up an initial role structure and for inflexibility in rapidly changing application. This paper offers a new role engineering approach to RoleBased Access Control (RBAC), referred to as visual role mining. The...

As mobile ad hoc networks (MANETs) are becoming popular for a variety of applications, so are the issues surrounding corresponding implementations. In this paper, a healthcare application is developed for an environment where normal network connectivity may not be available hence networking of small scale healthcare units and corresponding devices becomes necessary. Different roles of such unit...

Modeling security information has always been a fundamental part of every security system. A robust and flexible model is needed in order to guarantee both the easy management of security information and the efficient implementation of security mechanisms. In this paper, we present an XMLbased framework, which can be used for controlling access to computer systems. The framework is mainly targe...

Administrative Role Based Access Control (ARBAC) models deal with how to manage user-role assignments (URA), permission-role assignments (PRA), and rolerole assignments (RRA). A wide-variety of approaches have been proposed in the literature for URA, PRA and RRA. In this paper, we propose attribute-based administrative models that unify many prior approaches for URA and PRA. The motivating fact...

Web services offer a possibility of exchanging data between entities from different organizational bounderies. Keeping sensitive resources private in a public world is a common concern of service providers. Thus, there is a need for access control management at the level of the web services in addition to a prior negotiation of access. This negotiation is the first step in the access control ma...

Role Based Access Control (RBAC) has received considerable attention as a model of choice for simplified access control over the past decade. More recently, risk awareness in access control has emerged as an important research theme to mitigate risks involved when users exercise their privileges to access resources under different contexts such as accessing a sensitive file from work versus doi...