Modelling Dynamic Access Control Policies for Web-Based Collaborative Systems - Data and Applications Security and Privacy XXIV
Conference Papers Year : 2010

Modelling Dynamic Access Control Policies for Web-Based Collaborative Systems

Abstract

We present a modelling language, called X-Policy, for web-based collaborative systems with dynamic access control policies. The access to resources in these systems depends on the state of the system and its configuration. The X-Policy language models systems as a set of actions. These actions can model system operations which are executed by users. The X-Policy language allows us to specify execution permissions on each action using complex access conditions which can depend on data values, other permissions, and agent roles. We demonstrate that X-Policy is expressive enough to model collaborative conference management systems. We model the EasyChair conference management system and we reason about three security attacks on EasyChair.

Domains

Digital Libraries [cs.DL]
Fichier principal
Vignette du fichier
_49.pdf (141.94 Ko) Télécharger le fichier
Origin Files produced by the author(s)

Hal Ifip  : Connect in order to contact the contributor

https://inria.hal.science/hal-01056680

Submitted on : Wednesday, August 20, 2014-1:31:58 PM

Last modification on : Friday, August 11, 2017-5:32:48 PM

Long-term archiving on : Thursday, November 27, 2014-11:46:41 AM

Download

Dates and versions

hal-01056680 , version 1 (20-08-2014)

Licence

Attribution

Identifiers

Cite

Hasan Qunoo, Mark Ryan. Modelling Dynamic Access Control Policies for Web-Based Collaborative Systems. 24th Annual IFIP WG 11.3 Working Conference on Data and Applications Security and Privacy (DBSEC), Jun 2010, Rome, Italy. pp.295-302, ⟨10.1007/978-3-642-13739-6_20⟩. ⟨hal-01056680⟩

Export

BibTeX XML-TEI Dublin Core DC Terms EndNote DataCite

Collections

IFIP-LNCS IFIP IFIP-LNCS-6166 IFIP-TC IFIP-WG IFIP-TC11 IFIP-WG11-3 IFIP-DBSEC
85 View
76 Download

Altmetric

Share

More