research-article

Trust and privacy in attribute based access control for collaboration environments

Authors:

Waleed W. Smari,

Patrice ClementeAuthors Info & Claims

iiWAS '09: Proceedings of the 11th International Conference on Information Integration and Web-based Applications & Services

Pages 49 - 55

https://doi.org/10.1145/1806338.1806356

Published: 14 December 2009 Publication History

Abstract

Many efforts in the area of computer security have been drawn to attribute-based access control (ABAC). Compared to other up-to-date models, ABAC provides more granularity, scalability, and flexibility, which make it a valuable candidate for securing collaboration between organizations, especially over an open network such as the Internet. On the other hand, this model lacks provisions for trust and privacy issues, both of which are becoming increasingly critical, particularly in collaboration environments. Recently, we proposed a preliminary model to address this gap [1]. This paper is a further discussion and development of how trust and privacy can be incorporated in the previously introduced ABAC model. In addition, we propose a structure for access control model that can cover most of real world access scenarios and schemes. The paper concludes with some remarks on implementation of such models along with possible future directions on evolution of access control models in general.

References

[1]

Zhu, J. and W. W. Smari, "Attribute Based Access Control and Security for Collaboration Environments," IEEE National Aerospace & Electronics Conference 2008 (NAECON 2008), 16--18 July 2008, Holiday Inn, Fairborn, Ohio, pp. 31--35.

[2]

Coetzee, M. and J. H. P. Eloff, "Virtual Enterprise Access Control Requirements," Proceedings of the 2003 Annual Research Conference of the South African Institute of Computer Scientists and Information Technologists on Enablement through Technology, September 17--19, 2003, South African Institute for Computer Scientists and Information Technologists, pp. 285--294.

Digital Library

[3]

Kim S., J. Zhu, W. W. Smari, and W. K. McQuay, "Security and Access Control for a Human-centric Collaborative Commerce System," Proceedings of the 2006 International Symposium on Collaborative Technologies and Systems (CTS06), May 14--17, 2006, Las Vegas, USA, pp. 429--439.

Digital Library

[4]

Ahmed, T. and A. R. Tripathi, "Static Verification of Security Requirement in Role Based CSCW Systems," Symposium on Access Control Models and Technologies (SACMAT'03), June 1--4, 2003, Como, Italy, ACM, pp. 196--203.

Digital Library

[5]

Tolone, W., G. Ahn, and T. Pai, "Access Control in Collaborative Systems," ACM Computing Surveys, 37(1), 2005, pp. 29--41.

Digital Library

[6]

"Orange Book" TCSEC (Trusted Computer Evaluation Criteria)", American Department of Defense (DoD).

[7]

Kalam, A. A. E., R. E. Baida, P. Balbiani, S. Benferhat, et al, "Organization Based Access Control," Proceedings of the Fourth IEEE International Workshop on Policies for Distributed Systems and Networks, June 4--6, 2003, Lake Como, Italy, IEEE, pp. 120--134.

Digital Library

[8]

Liu, Y., "Trust-Based Access Control for Collaborative System," ISECS International Colloquium on Computing, Communication, Control, and Management (CCCM08), Aug. 2008, Guangzhou, China, pp. 444--448.

Digital Library

[9]

Ferraiolo, D. F., D. R. Kuhn and R. Chandramouli, ROLE-BASED ACCESS CONTROLS, Artech House, Boston, USA, 2003.

Digital Library

[10]

Aljareh, S. and N. Rossiter, "A Task-based Security Model to facilitate Collaboration in Trusted Multi-agency Networks," Proceedings of the 2002 ACM symposium on Applied computing, Madrid, Spain, March 11--14, 2002, pp. 744--749.

Digital Library

[11]

Briffaut, J., J.-F. Lalande and W. W. Smari, "Team Based MAC Policy Over Security Enhanced Linux," The Second International Conference on Emerging Security Information, Systems and Technologies (SECURWARE 2008), August 25--31, 2008, Cap Esterel, France, pp. 41--46.

Digital Library

[12]

Damiani, E., S. De Capitani di Vimercati, and P. Samarati, "New Paradigms for Access Control in Open Environments," Proceedings of the 5th IEEE International Symposium on Signal Processing and Information, Athens, Greece, December 18--21, 2005, pp. 540--545.

[13]

Byun, J.-W., E. Bertino, and N. Li, "Purpose Based Access Control of Complex Data for Privacy Protection," SACMAT'05: Proceedings of the 10th ACM Symposium on Access Conrol Models and Technologies, ACM Press, 2005, pp. 102--110.

Digital Library

[14]

Park, J. S. and R. Sandhu, "Smart Certificates: Extending X.509 for Secure Attribute Services on the Web," National Information Systems Security Conference, 22, 1999, pp. 337--348.

[15]

Covington, M. J. and M. R. Sastry, "A Contextual Attribute-Based Access Control Model," On the Move to Meaningful Internet Systems 2006: OTM 2006 Workshops, Lecture Notes in Computer Science, No. 4278, Springer, 2006, pp. 1996--2006.

Digital Library

[16]

Kolter, J., R. Schillinger, and G. Pernul, "A Privacy-Enhanced Attribute-Based Access Control System," Data and Applications Security XXI, Lecture Notes in Computer Science, No. 4602, Springer, 2007, pp. 129--143.

Digital Library

[17]

Bertino E., L. R. Khan, R. Sandhu, and B. Thuraisingham, "Secure Knowledge Management: Confidentiality, Trust, and Privacy," IEEE Transactions on Systems, Man, and Cybernetics---Part A: Systems and Humans, VOL. 36, NO. 3, MAY 2006, pp. 429--438.

Digital Library

[18]

Yang, N., H. Barringer, and N. Zhang "A Purpose-Based Access Control Model," Proceedings of the 3rd International Symposium on Information Assurance and Security (IAS 2007), Manchester, United Kingdom, August 29--31, 2007, pp. 143--148.

Digital Library

[19]

Dimmock, N., A. Belokosztolszki, D. Eyers, J. Bacon, and K. Moody, "Using trust and risk in role-based access control policies," Proceedings of the 9th ACM Symposium on Access Control Models and Technologies, Yorktown Heights, USA, June 02--04, 2004, pp. 156--162.

Digital Library

[20]

Giang, P. D., L. X. Hung, S. Lee, Y. Lee, and H. Lee, "A Flexible Trust-Based Access Control Mechanism for Security and Privacy Enhancement in Ubiquitous Systems," Proceedings of the 2007 International Conference on Multimedia and Ubiquitous Engineering, pp. 698--703.

Digital Library

Cited By

Xiao LBandukda MAngerbauer KLin WBhatnagar TSedlmair MHolloway C(2024)A Systematic Review of Ability-diverse Collaboration through Ability-based Lens in HCIProceedings of the 2024 CHI Conference on Human Factors in Computing Systems10.1145/3613904.3641930(1-21)Online publication date: 11-May-2024
https://dl.acm.org/doi/10.1145/3613904.3641930
Salehi Shahraki ARudolph CGrobler M(2019)A Dynamic Access Control Policy Model for Sharing of Healthcare Data in Multiple Domains2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE)10.1109/TrustCom/BigDataSE.2019.00088(618-625)Online publication date: Aug-2019
https://doi.org/10.1109/TrustCom/BigDataSE.2019.00088
Ouechtati HBen Azzouna NBen Said L(2018)Towards a self-adaptive access control middleware for the Internet of Things2018 International Conference on Information Networking (ICOIN)10.1109/ICOIN.2018.8343178(545-550)Online publication date: Jan-2018
https://doi.org/10.1109/ICOIN.2018.8343178
Show More Cited By

Recommendations

An extended attribute based access control model with trust and privacy: Application to a collaborative crisis management system

Many efforts in the area of computer security have been drawn to attribute-based access control (ABAC). Compared to other adopted models, ABAC provides more granularity, scalability, and flexibility. This makes it a valuable access control system ...
Domain Administration of Task-role Based Access Control for Process Collaboration Environments
IAS '09: Proceedings of the 2009 Fifth International Conference on Information Assurance and Security - Volume 01

The fast evolving workflow technologies facilitate organizations to interact and cooperate with each other to achieve their business goals by process collaborations. Task-role based access control is an important security mechanism to protect data and ...
Towards Policy Engineering for Attribute-Based Access Control
INTRUST 2013: Proceedings of the 5th International Conference on Trusted Systems - Volume 8292

Attribute-based Access Control (ABAC) was recently proposed as a general model which is able to capture the main existing access control models. This paper discusses the problems of configuring ABAC and engineering access policies. We question how to ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

cover image ACM Other conferences

iiWAS '09: Proceedings of the 11th International Conference on Information Integration and Web-based Applications & Services

December 2009

763 pages

ISBN:9781605586601

DOI:10.1145/1806338

General Chair:
Gabriele Kotsis
Johannes Kepler University Linz, Austria
,
Program Chairs:
David Taniar
Monash University, Australia
,
Eric Pardede
La Trobe University, Australia

Copyright © 2009 ACM.

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

Sponsors

Johannes Kepler University

In-Cooperation

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 14 December 2009

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

iiWAS '09

Sponsor:

iiWAS '09: 11th International Conference on Information Integration and Web-based Applications & Services

December 14 - 16, 2009

Kuala Lumpur, Malaysia

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

8
Total Citations
View Citations
396
Total Downloads

Downloads (Last 12 months)4
Downloads (Last 6 weeks)0

Reflects downloads up to 22 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

Xiao LBandukda MAngerbauer KLin WBhatnagar TSedlmair MHolloway C(2024)A Systematic Review of Ability-diverse Collaboration through Ability-based Lens in HCIProceedings of the 2024 CHI Conference on Human Factors in Computing Systems10.1145/3613904.3641930(1-21)Online publication date: 11-May-2024
https://dl.acm.org/doi/10.1145/3613904.3641930
Salehi Shahraki ARudolph CGrobler M(2019)A Dynamic Access Control Policy Model for Sharing of Healthcare Data in Multiple Domains2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE)10.1109/TrustCom/BigDataSE.2019.00088(618-625)Online publication date: Aug-2019
https://doi.org/10.1109/TrustCom/BigDataSE.2019.00088
Ouechtati HBen Azzouna NBen Said L(2018)Towards a self-adaptive access control middleware for the Internet of Things2018 International Conference on Information Networking (ICOIN)10.1109/ICOIN.2018.8343178(545-550)Online publication date: Jan-2018
https://doi.org/10.1109/ICOIN.2018.8343178
Zemmoudj SBermad NOmar M(2018)Context-aware pseudonymization and authorization model for IoT-based smart hospitalsJournal of Ambient Intelligence and Humanized Computing10.1007/s12652-018-1129-0Online publication date: 13-Dec-2018
https://doi.org/10.1007/s12652-018-1129-0
Servos DOsborn S(2017)Current Research and Open Problems in Attribute-Based Access ControlACM Computing Surveys10.1145/300720449:4(1-45)Online publication date: 2-Jan-2017
https://dl.acm.org/doi/10.1145/3007204
Ouechtati HAzzouna N(2017)Trust-ABAC Towards an Access Control System for the Internet of ThingsGreen, Pervasive, and Cloud Computing10.1007/978-3-319-57186-7_7(75-89)Online publication date: 13-Apr-2017
https://doi.org/10.1007/978-3-319-57186-7_7
Smari WClemente PLalande J(2014)An extended attribute based access control model with trust and privacyFuture Generation Computer Systems10.1016/j.future.2013.05.01031(147-168)Online publication date: 1-Feb-2014
https://dl.acm.org/doi/10.1016/j.future.2013.05.010
Kayem AMartin PAkl S(2012)Self-Protecting Access ControlPrivacy Protection Measures and Technologies in Business Organizations10.4018/978-1-61350-501-4.ch004(95-128)Online publication date: 2012
https://doi.org/10.4018/978-1-61350-501-4.ch004

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

eReader

View online with eReader.

Figures

Tables

Media

View Table of Conten