Role-Based Access Control Models
Computer
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Requirements for access control: US Healthcare domain
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
SecureFlow: a secure Web-enabled workflow management system
RBAC '99 Proceedings of the fourth ACM workshop on Role-based access control
Communications of the ACM
Securing context-aware applications using environment roles
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
Flexible team-based access control using contexts
SACMAT '01 Proceedings of the sixth ACM symposium on Access control models and technologies
TRBAC: A temporal role-based access control model
ACM Transactions on Information and System Security (TISSEC)
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
A task-based security model to facilitate collaboration in trusted multi-agency networks
Proceedings of the 2002 ACM symposium on Applied computing
CTTE: support for developing and analyzing task models for interactive system design
IEEE Transactions on Software Engineering
DATALOG with Constraints: A Foundation for Trust Management Languages
PADL '03 Proceedings of the 5th International Symposium on Practical Aspects of Declarative Languages
Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
Static verification of security requirements in role based CSCW systems
Proceedings of the eighth ACM symposium on Access control models and technologies
Framework for role-based delegation models
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
Organization based access control
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
Specification of Secure Distributed Collaboration Systems
ISADS '03 Proceedings of the The Sixth International Symposium on Autonomous Decentralized Systems (ISADS'03)
Modelling Contexts in the Or-BAC Model
ACSAC '03 Proceedings of the 19th Annual Computer Security Applications Conference
Using trust and risk in role-based access control policies
Proceedings of the ninth ACM symposium on Access control models and technologies
PeerTrust: Supporting Reputation-Based Trust for Peer-to-Peer Electronic Communities
IEEE Transactions on Knowledge and Data Engineering
Comparing the expressive power of access control models
Proceedings of the 11th ACM conference on Computer and communications security
PET: A PErsonalized Trust Model with Reputation and Risk Evaluation for P2P Resource Sharing
HICSS '05 Proceedings of the Proceedings of the 38th Annual Hawaii International Conference on System Sciences - Volume 07
Access control in collaborative systems
ACM Computing Surveys (CSUR)
Purpose based access control of complex data for privacy protection
Proceedings of the tenth ACM symposium on Access control models and technologies
Enabling GeoCollaborative crisis management through advanced geoinformation technologies
dg.o '05 Proceedings of the 2005 national conference on Digital government research
Free Riding on Gnutella Revisited: The Bell Tolls?
IEEE Distributed Systems Online
Attributed Based Access Control (ABAC) for Web Services
ICWS '05 Proceedings of the IEEE International Conference on Web Services
A general design towards secure ad-hoc collaboration
ASIACCS '06 Proceedings of the 2006 ACM Symposium on Information, computer and communications security
TrustBAC: integrating trust relationships into the RBAC model for access control in open systems
Proceedings of the eleventh ACM symposium on Access control models and technologies
How to Break Access Control in a Controlled Manner
CBMS '06 Proceedings of the 19th IEEE Symposium on Computer-Based Medical Systems
Security and Access Control for a Human-centric Collaborative Commerce System
CTS '06 Proceedings of the International Symposium on Collaborative Technologies and Systems
CTS '06 Proceedings of the International Symposium on Collaborative Technologies and Systems
Using Attribute-Based Access Control to Enable Attribute-Based Messaging
ACSAC '06 Proceedings of the 22nd Annual Computer Security Applications Conference
MUE '07 Proceedings of the 2007 International Conference on Multimedia and Ubiquitous Engineering
Ciphertext-Policy Attribute-Based Encryption
SP '07 Proceedings of the 2007 IEEE Symposium on Security and Privacy
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
A Purpose-Based Access Control Model
IAS '07 Proceedings of the Third International Symposium on Information Assurance and Security
Trust-Based Access Control for Collaborative System
CCCM '08 Proceedings of the 2008 ISECS International Colloquium on Computing, Communication, Control, and Management - Volume 01
Team-based MAC policy over security-Enhanced Linux
SECURWARE '08 Proceedings of the 2008 Second International Conference on Emerging Security Information, Systems and Technologies
Interoperability of Context Based System Policies Using O2O Contract
SITIS '08 Proceedings of the 2008 IEEE International Conference on Signal Image Technology and Internet Based Systems
Trust '09 Proceedings of the 2nd International Conference on Trusted Computing
Extending access control models with break-glass
Proceedings of the 14th ACM symposium on Access control models and technologies
The DEFACTO system: training tool for incident commanders
IAAI'05 Proceedings of the 17th conference on Innovative applications of artificial intelligence - Volume 3
Communications of the ACM
A privacy-enhanced attribute-based access control system
Proceedings of the 21st annual IFIP WG 11.3 working conference on Data and applications security
Trust and privacy in attribute based access control for collaboration environments
Proceedings of the 11th International Conference on Information Integration and Web-based Applications & Services
Proceedings of the 2010 ACM-BCS Visions of Computer Science Conference
A High-Level Semiotic Trust Agent Scoring Model for Collaborative Virtual Organsations
WAINA '10 Proceedings of the 2010 IEEE 24th International Conference on Advanced Information Networking and Applications Workshops
3PGCIC '10 Proceedings of the 2010 International Conference on P2P, Parallel, Grid, Cloud and Internet Computing
Decentralized trust management
SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
An authentication trust metric for federated identity management systems
STM'10 Proceedings of the 6th international conference on Security and trust management
A Framework for Managing and Analyzing Changes of Security Policies
POLICY '11 Proceedings of the 2011 IEEE International Symposium on Policies for Distributed Systems and Networks
A contextual attribute-based access control model
OTM'06 Proceedings of the 2006 international conference on On the Move to Meaningful Internet Systems: AWeSOMe, CAMS, COMINF, IS, KSinBIT, MIOS-CIAO, MONET - Volume Part II
The state-of-the-art in personalized recommender systems for social networking
Artificial Intelligence Review
O2O: virtual private organizations to manage security policy interoperability
ICISS'06 Proceedings of the Second international conference on Information Systems Security
Attribute-Based encryption with break-glass
WISTP'10 Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices
Secure knowledge management: confidentiality, trust, and privacy
IEEE Transactions on Systems, Man, and Cybernetics, Part A: Systems and Humans
Editorial: Special Issue on Advances in Computer Supported Collaboration: Systems and Technologies
Future Generation Computer Systems
Hi-index | 0.00 |
Many efforts in the area of computer security have been drawn to attribute-based access control (ABAC). Compared to other adopted models, ABAC provides more granularity, scalability, and flexibility. This makes it a valuable access control system candidate for securing platforms and environments used for coordination and cooperation among organizations and communities, especially over open networks such as the Internet. On the other hand, the basic ABAC model lacks provisions for context, trust and privacy issues, all of which are becoming increasingly critical, particularly in high performance distributed collaboration environments. This paper presents an extended access control model based on attributes associated with objects and subjects. It incorporates trust and privacy issues in order to make access control decisions sensitive to the cross-organizational collaboration context. Several aspects of the proposed model are implemented and illustrated by a case study that shows realistic ABAC policies in the domain of distributed multiple organizations crisis management systems. Furthermore, the paper shows a collaborative graphical tool that enables the actors in the emergency management system to make better decisions. The prototype shows how it guarantees the privacy of object's attributes, taking into account the trust of the subjects. This tool incorporates a decision engine that relies on attribute based policies and dynamic trust and privacy evaluation. The resulting platform demonstrates the integration of the ABAC model, the evolving context, and the attributes of actors and resources.