A group-centric model for collaboration with expedient insiders in multilevel systems
Authors: K. Bijon, R. Sandhu, R. Krishnan
Venue: 2012 International Conference on Collaboration Technologies and Systems (CTS)
Publication date: 2012-05-21
DOI: https://doi.org/10.1109/CTS.2012.6261086
Citation count: 8 (Semanticscholar)
An authorization model for group-centric organizational collaboration has been recently proposed wherein multiple organizations may collaborate via groups [3]. Each group is independent of all others and adheres to the formal semantics of Group-Centric Secure Information Sharing models (g-SIS) [2], [4]. Motivated by [3], in this paper, we develop a model for group-centric collaboration in which an organization forms groups to collaborate with outside consultants on specific projects. A core principle is that such outsiders cannot fit in the existing organizational access control structure as they are not “true insiders” but rather “expedient insiders.” In our proposed model, each group duplicates the organizational access control structure in an identical but separate copy—initially without any assignment of users or objects. The group is then populated and maintained by bringing selected true insiders, expedient insiders, and objects together to enable collaboration. The formal model consists of administrative and operational parts covering the complete life-cycle. While the general concepts are applicable regardless of the specific models used for the organizational access control structure, to be concrete we consider the specific case of multilevel systems that enforce lattice-based access control [7].