COLBAC: Shifting Cybersecurity from Hierarchical to Horizontal Designs

Proceedings of the 2021 New Security Paradigms Workshop Pub Date : 2021-10-25 DOI:10.1145/3498891.3498903

Kevin Gallagher, Santiago Torres-Arias, N. Memon, J. Feldman

{"title":"COLBAC: Shifting Cybersecurity from Hierarchical to Horizontal Designs","authors":"Kevin Gallagher, Santiago Torres-Arias, N. Memon, J. Feldman","doi":"10.1145/3498891.3498903","DOIUrl":null,"url":null,"abstract":"Cybersecurity suffers from an oversaturation of centralized, hierarchical systems and a lack of exploration in the area of horizontal security, or security techniques and technologies which utilize democratic participation for security decision-making. Because of this, many horizontally governed organizations such as activist groups, worker cooperatives, trade unions, not-for-profit associations, and others are not represented in current cybersecurity solutions, and are forced to adopt hierarchical solutions to cybersecurity problems. This causes power dynamic mismatches that lead to cybersecurity and organizational operations failures. In this work we introduce COLBAC, a collective based access control system aimed at addressing this lack. COLBAC uses democratically authorized capability tokens to express access control policies. It allows for a flexible and dynamic degree of horizontality to meet the needs of different horizontally governed organizations. After introducing COLBAC, we finish with a discussion on future work needed to realize more horizontal security techniques, tools, and technologies.","PeriodicalId":320273,"journal":{"name":"Proceedings of the 2021 New Security Paradigms Workshop","volume":"32 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-10-25","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the 2021 New Security Paradigms Workshop","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/3498891.3498903","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

Abstract

Cybersecurity suffers from an oversaturation of centralized, hierarchical systems and a lack of exploration in the area of horizontal security, or security techniques and technologies which utilize democratic participation for security decision-making. Because of this, many horizontally governed organizations such as activist groups, worker cooperatives, trade unions, not-for-profit associations, and others are not represented in current cybersecurity solutions, and are forced to adopt hierarchical solutions to cybersecurity problems. This causes power dynamic mismatches that lead to cybersecurity and organizational operations failures. In this work we introduce COLBAC, a collective based access control system aimed at addressing this lack. COLBAC uses democratically authorized capability tokens to express access control policies. It allows for a flexible and dynamic degree of horizontality to meet the needs of different horizontally governed organizations. After introducing COLBAC, we finish with a discussion on future work needed to realize more horizontal security techniques, tools, and technologies.

查看原文本刊更多论文

COLBAC:将网络安全从层次设计转变为水平设计

网络安全遭受集中式，分层系统的过度饱和以及在水平安全领域缺乏探索，或者利用民主参与安全决策的安全技术和技术。正因为如此，许多横向管理的组织，如激进组织、工人合作社、工会、非营利协会等，在当前的网络安全解决方案中没有代表，并被迫采用分层解决网络安全问题的解决方案。这会导致权力动态不匹配，从而导致网络安全和组织运营失败。在这项工作中，我们介绍了COLBAC，一个基于集体的访问控制系统，旨在解决这一不足。COLBAC使用民主授权的功能令牌来表示访问控制策略。它允许灵活和动态的水平程度，以满足不同水平治理组织的需求。在介绍COLBAC之后，我们将讨论实现更多水平安全技术、工具和技术所需的未来工作。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

Proceedings of the 2021 New Security Paradigms Workshop

自引率

0.00%

发文量