The temporal logic of reactive and concurrent systems
The temporal logic of reactive and concurrent systems
A lattice model of secure information flow
Communications of the ACM
Protection in operating systems
Communications of the ACM
Information sharing and security in dynamic coalitions
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
ACM SIGOPS Operating Systems Review
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
Protection: principles and practice
AFIPS '72 (Spring) Proceedings of the May 16-18, 1972, spring joint computer conference
Automatic enforcement of access control policies among dynamic coalitions
ICDCIT'04 Proceedings of the First international conference on Distributed Computing and Internet Technology
Foundations for group-centric secure information sharing models
Proceedings of the 14th ACM symposium on Access control models and technologies
Group-centric models for secure and agile information sharing
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
Group-Centric Secure Information-Sharing Models for Isolated Groups
ACM Transactions on Information and System Security (TISSEC)
On the suitability of dissemination-centric access control systems for group-centric sharing
Proceedings of the 4th ACM conference on Data and application security and privacy
Hi-index | 0.00 |
In this paper, we propose a conceptual framework for developing a family of models for Group-Centric information sharing. The traditional approach to information sharing, characterized as Dissemination-Centric in this paper, focuses on attaching attributes and policies to an object (sometimes called "sticky policies") as it is disseminated from producers to consumers in a system. In contrast, Group-Centric sharing envisions bringing the subjects and objects together in a group to facilitate sharing. The metaphor is that of a secure meeting room where participants and information come together to "share" information for some common purpose. Another metaphor is that of the subscription model where, depending on policy, joining users may or may not be authorized to access past content. We argue that in such contexts, and in accordance with different application use cases, authorizations are influenced by the temporal ordering of subject and object group membership and by the precise nature of membership operations. For instance some subjects may only get future information added to the group while others may also be able to access previously added information. We develop a lattice of models based on variations of these basic membership operations, and discuss usage scenarios to illustrate practical applications of this lattice. Two principles guide Group-Centric models. First, "share but differentiate" which promotes sharing while differentiating user authorizations depending on temporal aspect of membership. Next, "groups within groups" which advocates relationships (such as a hierarchy) between multiple groups. In this paper, we confine our attention to read accesses in a single group.