2nd International ICST Workshop on Trusted Collaboration

Research Article

Towards Trust-aware Access Management for Ad-hoc Collaborations

  • @INPROCEEDINGS{10.1109/COLCOM.2007.4553807,
        author={Jing Jin and Gail-Joon Ahn and Mohamed Shehab and Hongxin Hu},
        title={Towards Trust-aware Access Management for Ad-hoc Collaborations},
        proceedings={2nd International ICST Workshop on Trusted Collaboration},
        publisher={IEEE},
        proceedings_a={TRUSTCOL},
        year={2008},
        month={6},
        keywords={Access control  Authorization  Collaboration  Diseases  Environmental management  Identity management systems  Licenses  Medical diagnostic imaging  Prototypes  Resource management},
        doi={10.1109/COLCOM.2007.4553807}
    }
    
  • Jing Jin
    Gail-Joon Ahn
    Mohamed Shehab
    Hongxin Hu
    Year: 2008
    Towards Trust-aware Access Management for Ad-hoc Collaborations
    TRUSTCOL
    IEEE
    DOI: 10.1109/COLCOM.2007.4553807
Jing Jin1,*, Gail-Joon Ahn1,*, Mohamed Shehab1,*, Hongxin Hu1,*
  • 1: The University of North Carolina at Charlotte
*Contact email: jjin@uncc.edu, gahn@uncc.edu, mshehab@uncc.edu, hxhu@uncc.edu

Abstract

In an ad-hoc collaborative sharing environment, attribute-based access control provides a promising approach in defining authorization over shared resources based on users’ properties/attributes rather than their identities. While the user’s attributes are always asserted by different authorities in the form of credentials, these authorities may not be accepted by the resource owner with the same degree of trust. In this paper, we present a trust-aware role-based authorization framework, called RAMARS TM, to address both the access control and the trust management issues in such environment. Central to our approach is the dynamic role assignment based on a user’s attributes, and trust management, as a special constraint, is in place to make trust decisions on a user’s attributes. Required components and functions are identified and specified in our trust and access management policies. An architecture of prototype system implementation is also discussed.