A framework of consolidated authorization management for collaborative environments

Abstract

Collaborative systems or multi-user applications allow groups of users to communicate and cooperate on common tasks. These systems contain information and resources with different degrees of sensitivity. The applications deployed in such systems create, manipulate, and provide access to a variety of protected information and resources. Balancing the competing goals of collaboration and security is difficult because interaction in collaborative systems is targeted on making people, information, and resources available to all who need it whereas information security seeks to ensure the integrity of these elements while providing it only to them with proper authorization. Among the several areas of security in consideration for collaborative environments, $\emph{authorization}$ or $\emph{access control}$ is particularly important because such systems may offer open access to local desktops or networked resources without secure manner. Users need a secure mechanism not only for identifying collaborators (authentication), but also for managing files, applications, portions of a system, etc. They may access during a collaboration session. However, there are a few researches in dealing with authorization issues to provide flexible access control policy, reliable authorization model, architecture, and mechanism in collaborative environments. In this thesis, we provide a comprehensive study of authorization management for collaborative environments and propose an authorization framework for such environments. Firstly, we examine a well-known access control model, called Role-based access control (RBAC) and reconstruct authorization model using general software engineering tools to investigate a gap between formal access control models and access control system development. Secondly, we propose an authorization architecture supporting reliable and scalable authorization management features that are crucial to collaborative environments. Based on this study, we build a ...