Policies and roles in collaborative applications
CSCW '96 Proceedings of the 1996 ACM conference on Computer supported cooperative work
Models for coalition-based access control (CBAC)
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
Oblivious signature-based envelope
Proceedings of the twenty-second annual symposium on Principles of distributed computing
A Community Authorization Service for Group Collaboration
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Certificate-based authorization policy in a PKI environment
ACM Transactions on Information and System Security (TISSEC)
The PRIMA System for Privilege Management, Authorization and Enforcement in Grid Environments
GRID '03 Proceedings of the 4th International Workshop on Grid Computing
First experiences using XACML for access control in distributed systems
Proceedings of the 2003 ACM workshop on XML security
A Goal-based Approach to Policy Refinement
POLICY '04 Proceedings of the Fifth IEEE International Workshop on Policies for Distributed Systems and Networks
Verification and change-impact analysis of access-control policies
Proceedings of the 27th international conference on Software engineering
Automated Decomposition of Access Control Policies
POLICY '05 Proceedings of the Sixth IEEE International Workshop on Policies for Distributed Systems and Networks
Role-based access management for ad-hoc collaborative sharing
Proceedings of the eleventh ACM symposium on Access control models and technologies
Attribute-Based Access Control with Hidden Policies and Hidden Credentials
IEEE Transactions on Computers
Analysis of privacy and security policies
IBM Journal of Research and Development
Protecting critical infrastructures while preserving each organization's autonomy
ICDCIT'11 Proceedings of the 7th international conference on Distributed computing and internet technology
An integrated approach for identity and access management in a SOA context
Proceedings of the 16th ACM symposium on Access control models and technologies
DASFAA'10 Proceedings of the 15th international conference on Database Systems for Advanced Applications - Volume Part I
Refactoring access control policies for performance improvement
ICPE '12 Proceedings of the 3rd ACM/SPEC International Conference on Performance Engineering
Multi-constraint security policies for delegated firewall administration
International Journal of Network Management
Toward efficient and confidentiality-aware federation of access control policies
Proceedings of the 7th Workshop on Middleware for Next Generation Internet Computing
Enforcement of entailment constraints in distributed service-based business processes
Information and Software Technology
| Hi-index | 0.00 |
With the advances in web service techniques, new collaborative applications have emerged like supply chain arrangements and coalition in government agencies. In such applications, the collaborating parties are responsible for managing and protecting resources entrusted to them. Access control decisions thus become a collaborative activity in which a global policy must be enforced by a set of collaborating parties without compromising the autonomy or confidentiality requirements of these parties. Unfortunately, none of the conventional access control systems meets these new requirements. To support collaborative access control, in this paper, we propose a novel policy-based access control model. Our main idea is based on the notion of policy decomposition and we propose an extension to the reference architecture for XACML. We present algorithms for decomposing a global policy and efficiently evaluating requests.