Title :
An interaction-based access control model (IBAC) for collaborative services
Author :
Altunay, Mine ; Byrd, Gregory T. ; Brown, Doug E. ; Dean, Ralph A.
Abstract :
A collaboration is a collection of services that work together to achieve a common goal. Although collaborations help when tackling difficult problems, they lead to security issues. First, a collaboration is often performed by services that are drawn from different security domains. Second, a service interacts with multiple peer services during the collaboration. These interactions are not isolated from one another - e.g., data may flow through a sequence of different services. As a result, a service is exposed to multiple peer services in varying degrees, leading to different security threats. We identify the types of interactions that can be present in collaborations, and discuss the security threats due to each type. We propose a model for representing the collaboration context so that a service can be made aware of the existing interactions. We provide an access control model for a service participating in a collaboration. We couple our access control model with a policy model, so that the access requirements from collaborations can be expressed and evaluated.
Keywords :
Web services; authorisation; groupware; peer-to-peer computing; Web services; collaboration context; collaborative services; interaction-based access control model; multiple peer services; Access control; Collaboration; Collaborative work; Context modeling; Context-aware services; Data security; Engines; Information security; Service oriented architecture; Web services; access control; collaboration context; web services; workflow planning;
Conference_Titel :
Collaborative Technologies and Systems, 2008. CTS 2008. International Symposium on
Conference_Location :
Irvine, CA
Print_ISBN :
978-1-4244-2248-7
Electronic_ISBN :
978-1-4244-2249-4
DOI :
10.1109/CTS.2008.4543977
