Security Policies in Distributed CSCW and Workflow Systems

被引:15
作者
Ahmed, Tanvir [1 ]
Tripathi, Anand R. [2 ]
机构
[1] Oracle Corp, Database Secur Grp, Redwood City, CA 94065 USA
[2] Univ Minnesota, Minneapolis, MN 55455 USA
来源
IEEE TRANSACTIONS ON SYSTEMS MAN AND CYBERNETICS PART A-SYSTEMS AND HUMANS | 2010年 / 40卷 / 06期
基金
美国国家科学基金会;
关键词
Computer-supported cooperative work (CSCW); groupware; role-based access control (RBAC); security models; security-policy specification and verification; Web services; workflow; MODEL; PROTECTION;
D O I
10.1109/TSMCA.2010.2046727
中图分类号
TP3 [计算技术、计算机技术];
学科分类号
0812 ;
摘要
In this paper, multiuser collaboration systems are categorized into two groups-computer-supported cooperative work (CSCW) and workflow systems-based on a historic perspective of their introduction and on their emphasis on user-or process-centric interactions. The goal of the survey is to identify distinct security requirements-related to availability, integrity, confidentiality and privacy, and access leakage-of these systems. Existing role-based security models and their limitations to express security policies in distributed CSCW and workflow systems are presented. Last, we present an overview of a framework that we have developed to specify, verify, and enforce security policies in distributed CSCW systems.
引用
收藏
页码:1220 / 1231
页数:12
相关论文
共 72 条
[1]  
Abdul-Rahman A., 1998, Proceedings of the 1997 Workshop on New Security Paradigms, P48
[2]  
AHMED T., 2004, THESIS U MINNESOTA M
[3]   Specification and verification of security requirements in a programming model for decentralized CSCW systems [J].
Ahmed, Tanvir ;
Tripathi, Anand R. .
ACM TRANSACTIONS ON INFORMATION AND SYSTEM SECURITY, 2007, 10 (02)
[4]  
Ahn G.-J., 2000, ACM Transactions on Information and Systems Security, V3, P207, DOI 10.1145/382912.382913
[5]   A security policy model for clinical information systems [J].
Anderson, RJ .
1996 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, PROCEEDINGS, 1996, :30-43
[6]  
[Anonymous], COMPUTER SUPPORTED C
[7]  
[Anonymous], 2002, PLATF PRIV PREF 1 0
[8]  
[Anonymous], 1997, Proceedings of the Second ACM Workshop on Role-based Access Control. ACM, New York, NY, USA
[9]  
[Anonymous], P 1998 ACM C COMP SU
[10]  
[Anonymous], 2006, Proc. 2006 20th anniversary conference on Computer supported cooperative work, DOI DOI 10.1145/1180875.1180947
12345678