5th International ICST Conference on Collaborative Computing: Networking, Applications, Worksharing

Research Article

Towards a framework for group-centric secure collaboration

Download584 downloads
  • @INPROCEEDINGS{10.4108/ICST.COLLABORATECOM2009.8305 ,
        author={Ram Krishnan and Ravi Sandhu and Jianwei Niu and William Winsborough},
        title={Towards a framework for group-centric secure collaboration},
        proceedings={5th International ICST Conference on Collaborative Computing: Networking, Applications, Worksharing},
        proceedings_a={COLLABORATECOM},
        year={2009},
        month={12},
        keywords={Authorization Collaboration Computer security Corporate acquisitions Intellectual property Large-scale systems Permission Product design Wikipedia Writing},
        doi={10.4108/ICST.COLLABORATECOM2009.8305 }
    }
    
  • Ram Krishnan
    Ravi Sandhu
    Jianwei Niu
    William Winsborough
    Year: 2009
    Towards a framework for group-centric secure collaboration
    COLLABORATECOM
    ICST
    DOI: 10.4108/ICST.COLLABORATECOM2009.8305
Ram Krishnan1,*, Ravi Sandhu2,*, Jianwei Niu2,*, William Winsborough2,*
  • 1: George Mason University
  • 2: Institute for Cyber Security, University of Texas at San Antonio
*Contact email: rkrishna@gmu.edu, ravi.sandhu@utsa.edu, niu@cs.utsa.edu, wwinsborough@acm.org

Abstract

The concept of groups is a natural aspect of most collaboration scenarios. Group-Centric Secure Information Sharing models (g-SIS) have been recently proposed in which users and objects are brought together to promote sharing and collaboration. Users may join, leave and re-join and objects may be added, removed and re-added. Furthermore, objects embodying new intellectual property may be created in the group during collaboration, some of which may flow back to the participating entities. Authorizations may depend on various aspects including time of join and add, the user's role, etc. In this paper, we outline three example scenarios of inter-organizational collaboration. We develop a complete authorization model for one of these scenarios comprising administrative and operational components. We conclude the paper by proposing an initial framework for developing more sophisticated models for inter-organizational collaboration.