Download presentation
Presentation is loading. Please wait.
Published byRudolph Golden Modified over 9 years ago
1
Access Control in Collaborative Systems William Tolone, Gail-Joon Ahn, Tanusree Pai & Seng-Phil Hong
2
Outline Collaborative Environments Access Control Requirements Access Control Models Assessment Conclusion
3
Collaborative Environments Facebook Code Repositories Webcourses
4
Access Control Requirements Applied at a distributed level Should be able to adapt Scalability Fine-grained control Exclusion of unauthorized users Easy specification of access rights Ability to dynamically change access policies Reasonable performance and resource cost
5
Outline Collaborative Environments Access Control Requirements Access Control Models Assessment Conclusion
6
Access Matrix Model Based on subjects and objects Reference monitor for checking access rights
7
Access Matrix Model (cont.) Implemented in Access Control Lists
8
Access Matrix Model (cont.) Shortcomings – Not complex enough – No ability to dynamically change policy – Can’t address objects not owned by users
9
Roll-Based Access Control (RBAC) Permissions assigned to roles rather than users Users associated to roles More scalable Shortcomings – Roles are too static
10
Task-Based Access Control (TBAC) Derivative of subject-object model Contains information based on task Access granted in steps related to the task Active model Shortcomings – Context only based on task progression – Management, delegation, revocation are not covered – Not very applicable outside enterprise May use roles as an interface
11
Team-Based Access Control (TMAC) Similar to RBAC Covers case when different roles collaborate together User context describes user’s role in team Shortcomings – Hasn’t fully been developed
12
Team-Based Access Control
13
Spatial Access Control Divides collaboration environment into regions User credentials used to determine access Shortcomings – Only navigational access requirements – Must divide application into regions
14
Context-Aware Access Control Extension of RBAC Environment roles defined at time of activation Shortcomings – Hasn’t been fully developed/tested
15
Outline Collaborative Environments Access Control Requirements Access Control Models Assessment Conclusion
16
Assessment Criteria – Complexity – Transparency – Ease of use – Applicability – Collaboration Support – Policy Specification – Policy Enforcement – Fine Grained Control – Active/Passive – Contextual
17
Assessment
18
Conclusion Roles are well accepted Importance of context Active systems are preferable Scalability required
Similar presentations
© 2025 SlidePlayer.com. Inc.
All rights reserved.