Usable Access Control in Collaborative Environments: Authorization Based on People-Tagging

  • Qihua Wang
  • Hongxia Jin
  • Ninghui Li
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5789)


We study attribute-based access control for resource sharing in collaborative work environments. The goal of our work is to encourage sharing within an organization by striking a balance between usability and security. Inspired by the great success of a number of collaboration-based Web 2.0 systems, such as Wikipedia and, we propose a novel attribute-based access control framework that acquires information on users’ attributes from the collaborative efforts of all users in a system, instead of from a small number of trusted agents. Intuitively, if several users say that someone has a certain attribute, our system believes that the latter indeed has the attribute. In order to allow users to specify and maintain the attributes of each other, we employ the mechanism of people-tagging, where users can tag each other with the terms they want, and tags from different users are combined and viewable by all users in the system. In this article, we describe the system framework of our solution, propose a language to specify access control policies, and design an example-based policy specification method that is friendly to ordinary users. We have implemented a prototype of our solution based on a real-world and large-scale people-tagging system in IBM. Experiments have been performed on the data collected by the system.


Access Control Trust Management Relevant Score Access Control Policy Importance Score 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Blaze, M., Feigenbaum, J., Ioannidis, J., Keromytis, A.D.: The KeyNote trust-management system, version 2. IETF RFC 2704 (September 1999)Google Scholar
  2. 2.
    Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized trust management. In: Proceedings of the 1996 IEEE Symposium on Security and Privacy, pp. 164–173. IEEE Computer Society Press, Los Alamitos (1996)CrossRefGoogle Scholar
  3. 3.
    Farrell, S., Lau, T.: Fringe contacts: People-tagging for the enterprise. In: WWW 2006: Collaborative Web Tagging Workshop, Edinburgh, Scotland (2006)Google Scholar
  4. 4.
    Farrell, S., Lau, T., Nusser, S., Wilcox, E., Muller, M.: Socially augmenting employee profiles with people-tagging. In: Proceedings of the ACM Symposium on User Interface Software and Technology (UIST), pp. 91–100. ACM Press, New York (2007)CrossRefGoogle Scholar
  5. 5.
    Jason Program Office. Horizontal Integration: Broader Access Models for Realizing Information Dominance. The MITRE Corporation (December 2004)Google Scholar
  6. 6.
    Li, N., Mitchell, J.C., Winsborough, W.H.: Design of a role-based trust management framework. In: Proceedings of the 2002 IEEE Symposium on Security and Privacy, pp. 114–130. IEEE Computer Society Press, Los Alamitos (2002)Google Scholar
  7. 7.
    Mannan, M., van Oorschot, P.C.: Privacy-enhanced sharing of personal content on the web. In: WWW 2008: Proceeding of the 17th international conference on World Wide Web, pp. 487–496. ACM Press, New York (2008)CrossRefGoogle Scholar
  8. 8.
    Najafian Razavi, M., Iverson, L.: Supporting selective information sharing with people-tagging. In: ACM Conference on Human Factors in Computing Systems (CHI) (Work-in-Progress), pp. 3423–3428. ACM Press, New York (2008)Google Scholar
  9. 9.
    Wang, Q., Jin, H.: Selective message distribution with people-tagging in user-collaborative environments. In: ACM Conference on Human Factors in Computing Systems (CHI) (Work-in-Progress), pp. 3423–3428. ACM Press, New York (2009)Google Scholar
  10. 10.
    Wang, Q., Jin, H., Nusser, S.: Automatic categorization of tags in collaborative environments. In: Proceedings of the International Conference on Collaborative Computing (CllaborateCom), ICST (2008)Google Scholar
  11. 11.
    West, A.G., Aviv, A.J., Chang, J., Prabhu, V.S., Blaze, M., Kannan, S., Lee, I., Smith, J.M., Sokolsky, O.: Quantm: a quantitative trust management system. In: EUROSEC 2009: Proceedings of the Second European Workshop on System Security, pp. 28–35. ACM Press, New York (2009)CrossRefGoogle Scholar
  12. 12.
    Xu, Z., Fu, Y., Mao, J., Su, D.: Towards the semantic web: Collaborative tag suggestions. In: WWW 2006: Collaborative Web Tagging Workshop, Edinburgh, Scotland (2006)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Qihua Wang
    • 1
  • Hongxia Jin
    • 2
  • Ninghui Li
    • 1
  1. 1.Department of Computer SciencePurdue UniversityUSA
  2. 2.IBM Almaden Research CenterUSA

Personalised recommendations