The NTree: a two dimension partial order for protection groups
ACM Transactions on Computer Systems (TOCS)
The schematic protection model: its definition and analysis for acyclic attenuating schemes
Journal of the ACM (JACM)
The temporal logic of reactive and concurrent systems
The temporal logic of reactive and concurrent systems
A temporal authorization model
CCS '94 Proceedings of the 2nd ACM Conference on Computer and communications security
Role-Based Access Control Models
Computer
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
The ARBAC97 model for role-based administration of roles
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
A Linear Time Algorithm for Deciding Subject Security
Journal of the ACM (JACM)
Protection in operating systems
Communications of the ACM
Protection and the control of information sharing in multics
Communications of the ACM
Practical safety in flexible access control models
ACM Transactions on Information and System Security (TISSEC)
TRBAC: A temporal role-based access control model
ACM Transactions on Information and System Security (TISSEC)
Information sharing and security in dynamic coalitions
SACMAT '02 Proceedings of the seventh ACM symposium on Access control models and technologies
A logical framework for reasoning about access control models
ACM Transactions on Information and System Security (TISSEC)
Originator Control in Usage Control
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
SP '92 Proceedings of the 1992 IEEE Symposium on Security and Privacy
A survey of key management for secure group communication
ACM Computing Surveys (CSUR)
DEXA '03 Proceedings of the 14th International Workshop on Database and Expert Systems Applications
A Model for Access Negotiations in Dynamic Coalitions
WETICE '04 Proceedings of the 13th IEEE International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises
Secure information sharing enabled by Trusted Computing and PEI models
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
Super-sticky and declassifiable release policies for flexible information dissemination control
Proceedings of the 5th ACM workshop on Privacy in electronic society
Towards secure information sharing using role-based delegation
Journal of Network and Computer Applications - Special issue: Network and information security: A computational intelligence approach
PEI models towards scalable, usable and high-assurance information sharing
Proceedings of the 12th ACM symposium on Access control models and technologies
Using semantics for automatic enforcement of access control policies among dynamic coalitions
Proceedings of the 12th ACM symposium on Access control models and technologies
A theory for comparing the expressive power of access control models
Journal of Computer Security
Stale-safe security properties for group-based secure information sharing
Proceedings of the 6th ACM workshop on Formal methods in security engineering
Enforcing "sticky" security policies throughout a distributed application
Proceedings of the 2008 workshop on Middleware security
A conceptual framework for Group-Centric secure information sharing
Proceedings of the 4th International Symposium on Information, Computer, and Communications Security
Group-centric models for secure and agile information sharing
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
The challenge of data and application security and privacy (DASPY): are we up to it
Proceedings of the first ACM conference on Data and application security and privacy
Group-Centric Secure Information-Sharing Models for Isolated Groups
ACM Transactions on Information and System Security (TISSEC)
Refinement-based design of a group-centric secure information sharing model
Proceedings of the second ACM conference on Data and Application Security and Privacy
Authorization policy specification and enforcement for group-centric secure information sharing
ICISS'11 Proceedings of the 7th international conference on Information Systems Security
Relational abstraction in community-based secure collaboration
Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security
Spoilt for choice: graph-based assessment of key management protocols to share encrypted data
Proceedings of the 4th ACM conference on Data and application security and privacy
Using community structure to control information sharing in online social networks
Computer Communications
| Hi-index | 0.00 |
We develop the foundations for a theory of Group-Centric Secure Information Sharing (g-SIS), characterize a specific family of models in this arena and identify several directions in which this theory can be extended. Traditional approach to information sharing, characterized as Dissemination-Centric, focuses on attaching attributes and policies to an object as it is disseminated from producers to consumers in a system. In contrast, Group-Centric sharing envisions bringing the users and objects together in a group to facilitate sharing. The metaphors "secure meeting room" and "subscription service" characterize the Group-Centric approach where participants and information come together to share for some common purpose. Our focus in this paper is on semantics of group operations: Join and Leave for users and Add and Remove for objects, each of which can have several variations called types. We use Linear Temporal Logic to first characterize the core properties of a group in terms of these operations. We then characterize additional properties for specific types of these operations. Finally, we specify the authorization behavior for read access in a single group for a family of g-SIS models and show that these models satisfy the above-mentioned properties using the NuSMV model checker.