Skip to main content
SpringerLink
Log in

Towards Coequal Authorization for Dynamic Collaboration

  • Conference paper
Active Media Technology (AMT 2011)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 6890))

Included in the following conference series:

Abstract

In dynamic collaboration, participants oftentimes need to share resources with each other under the same criteria. However, since each participant has its own authorization policies as a way of controlling resource access, their discrepancies make such collaboration difficult. It is desired to develop a practical and automatic way to generate the collaborative policies for coequal authorizations. In this paper, we investigate this problem by proposing an authorization framework based on the widely adopted XACML policy. Each practical XACML policy is converted into Boolean expressions and further refined as a set of atomic rules against the policy structure. With the rule set, the combination algorithms in policies and the collaboration preference of participants, the collaborative authorization policy is automatically generated. We analyze the consistency of the collaborative policies with previous authorization policies. Some experiments are performed to exam our approach and show that it can efficiently solve the problem of coequal authorizations.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Wijesekera, D., Jajodia, S.: A propositional policy algebra for access control. ACM Transactions on Information and System Security (TISSEC) 6, 286–325 (2003)

    Article  Google Scholar 

  2. Lee, A.J., Boyer, J.P., Olson, L.E., Gunter, C.A.: Defeasible security policy composition for web services. In: Proceedings of the fourth ACM workshop on Formal methods in security, Alexandria, USA (2006)

    Google Scholar 

  3. Ni, Q., Bertino, E., Lobo, J.: D-algebra for composing access control policy decision. In: Proceedings of the 4th ACM Symposium on Information, Computer and Communications Security (ASIACCS), Sydney, Australia (2009)

    Google Scholar 

  4. Rao, P., Lin, D., Bertino, E., Li, N., Lobo, J.: Fine-grained integration of access control policies. Computers and Security 30, 91–107 (2011)

    Article  Google Scholar 

  5. Backes, M., Durmuth, M., Steinwandt, R.: An Algebra for Composing Enterprise Privacy Policies. In: Samarati, P., Ryan, P.Y.A., Gollmann, D., Molva, R. (eds.) ESORICS 2004. LNCS, vol. 3193, pp. 33–52. Springer, Heidelberg (2004)

    Chapter  Google Scholar 

  6. Bonatti, P., Vimercati, S.D.C.D., Samarati, P.: An algebra for composing access control policies. ACM Transactions on Information and System Security (TISS) 5, 1–35 (2002)

    Article  Google Scholar 

  7. Kostutanski, H., Massacci, F.: An access control framework for business processes for web services. In: Proceedings of ACM Workshop on XML Security, pp. 15–24 (2003)

    Google Scholar 

  8. Mazzoleni, P., Bertino, E., Crispo, B.: Xacml policy integration algorithms. In: Proceedings of the 11th ACM Symposium on Access Control Models and Technologies (SACMAT), pp. 223–232 (2006)

    Google Scholar 

  9. Extensible access control markup language (xacml) version 2.03. Technical report (2005)

    Google Scholar 

  10. Fisler, K., Krishnamurthi, S., Meyerovich, L.A., Tschantz, M.C.: Verification and change-impact analysis of access-control policies. In: Proceedings of the 27th International Conference on Software Engineering (ICSE), pp. 196–205 (2005)

    Google Scholar 

  11. Sasturkar, A., Yang, P., Stoller, S.D., Ramakrishnan, C.R.: Policy analysis for administrative role based access control. In: Proceedings of the 19th IEEE Workshop on Computer Security Foundations, Venice, Italy, pp. 124–138 (2006)

    Google Scholar 

  12. Lin, D., Rao, P., Bertino, E., Lobo, J.: An approach to evaluate policy similarity. In: ACM Symposium on Access Control Models and Technologies (SACMAT), Sophia Antipolis, France, pp. 1–10 (2007)

    Google Scholar 

  13. Chen, C., Sun, Y., Pan, P.: Similarity analysis on heterogeneous security policy. In: The Third International Conference on Pervasive Computing and Applications (ICPCA 2008), Alexandria, Egypt, pp. 680–685 (2008)

    Google Scholar 

  14. Shehab, M., Ghafoor, A., Bertino, E.: Secure collaboration in a mediator-free distributed environments. IEEE Transactions on Parallel and Distributed Systems 19, 1338–1351 (2008)

    Article  Google Scholar 

  15. Anderson, A.: Evaluating xacml as a policy language. Technical report, OASIS (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. School of Computer Science and Technology, Shandong University, Jinan, Shandong, 250100, China

    Yuqing Sun & Chen Chen

Authors
  1. Yuqing Sun
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Chen Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Life Science and Informatics, Maebashi Institute of Technology, 460-1 Kamisadori-Cho, Maebashi-City, 371.0816, Japan

    Ning Zhong

  2. Department of Computer Science, University of Essex, Wivenhoe Park, CO4 3SQ, Colchester, Essex, UK

    Vic Callaghan

  3. Faculty of Computer Science, University of New Brunswick, E3B 5A3, Fredericton, N.B., Canada

    Ali A. Ghorbani

  4. School of Information Science and Engineering, Lanzhou University, Feiyun Lou Building, Tianshui South Road 222, 730000, Lanzhou, Gansu, China

    Bin Hu

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Sun, Y., Chen, C. (2011). Towards Coequal Authorization for Dynamic Collaboration. In: Zhong, N., Callaghan, V., Ghorbani, A.A., Hu, B. (eds) Active Media Technology. AMT 2011. Lecture Notes in Computer Science, vol 6890. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-23620-4_26

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-23620-4_26

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-23619-8

  • Online ISBN: 978-3-642-23620-4

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation