A Flexible Access Control Model for Distributed Collaborative Editors

  • Abdessamad Imine
  • Asma Cherif
  • Michaël Rusinowitch
Part of the Lecture Notes in Computer Science book series (LNCS, volume 5776)

Abstract

Distributed Collaborative Editors (DCE) provide computer support for modifying simultaneously shared documents, such as articles, wiki pages and programming source code, by dispersed users. Controlling access in such systems is still a challenging problem, as they need dynamic access changes and low latency access to shared documents. In this paper, we propose a flexible access control model where the shared document and its authorization policy are replicated at the local memory of each user. To deal with latency and dynamic access changes, we use an optimistic access control technique in such a way that enforcement of authorizations is retroactive. We show that naive coordination between updates of both copies can create security holes on the shared document, by permitting illegal modifications or rejecting legal modifications. Finally, we present a prototype for managing authorizations in collaborative editing work which may be deployed easily on P2P networks.

Keywords

Secure Data Management Authorization and Access Control Collaborative Editing Systems 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Bertino, E., Bettini, C., Ferrari, E., Samarati, P.: A decentralized temporal autoritzation model. In: SEC, pp. 271–280 (1996)Google Scholar
  2. 2.
    Bullock, A., Benford, S.: An access control framework for multi-user collaborative environments. In: GROUP 1999, pp. 140–149. ACM, New York (1999)Google Scholar
  3. 3.
    Ellis, C.A., Gibbs, S.J.: Concurrency Control in Groupware Systems. In: SIGMOD Conference, vol. 18, pp. 399–407 (1989)Google Scholar
  4. 4.
    Imine, A.: Coordination model for real-time collaborative editors. In: Field, J., Vasconcelos, V.T. (eds.) COORDINATION 2009. LNCS, vol. 5521, pp. 225–246. Springer, Heidelberg (2009)Google Scholar
  5. 5.
    Jaeger, T., Prakash, A.: Requirements of role-based access control for collaborative systems. In: RBAC 1995, p. 16. ACM, New York (1996)Google Scholar
  6. 6.
    Li, D., Li, R.: An operational transformation algorithm and performance evaluation. Computer Supported Cooperative Work 17(5-6), 469–508 (2008)CrossRefGoogle Scholar
  7. 7.
    Lushman, B., Cormack, G.V.: Proof of correctness of ressel’s adopted algorithm. Information Processing Letters 86(3), 303–310 (2003)MathSciNetCrossRefMATHGoogle Scholar
  8. 8.
    Povey, D.: Optimistic security: a new access control paradigm. In: NSPW 1999: Proceedings of the 1999 workshop on New security paradigms, pp. 40–45. ACM, New York (2000)Google Scholar
  9. 9.
    Ressel, M., Nitsche-Ruhland, D., Gunzenhauser, R.: An Integrating, Transformation-Oriented Approach to Concurrency Control and Undo in Group Editors. In: ACM CSCW 1996, Boston, USA, November 1996, pp. 288–297 (1996)Google Scholar
  10. 10.
    Samarati, P., Ammann, P., Jajodia, S.: Maintaining replicated authorizations in distributed database systems. Data Knowl. Eng. 18(1), 55–84 (1996)CrossRefMATHGoogle Scholar
  11. 11.
    Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. Computer 29(2), 38–47 (1996)CrossRefGoogle Scholar
  12. 12.
    Shen, H., Dewan, P.: Access control for collaborative environments. In: CSCW 1992, pp. 51–58. ACM, New York (1992)Google Scholar
  13. 13.
    Sun, C., Ellis, C.: Operational transformation in real-time group editors: issues, algorithms, and achievements. In: ACM CSCW 1998, pp. 59–68 (1998)Google Scholar
  14. 14.
    Sun, C., Jia, X., Zhang, Y., Yang, Y., Chen, D.: Achieving Convergence, Causality-preservation and Intention-preservation in real-time Cooperative Editing Systems. ACM Trans. Comput.-Hum. Interact. 5(1), 63–108 (1998)CrossRefGoogle Scholar
  15. 15.
    Sun, C., Xia, S., Sun, D., Chen, D., Shen, H., Cai, W.: Transparent adaptation of single-user applications for multi-user real-time collaboration. ACM Trans. Comput.-Hum. Interact. 13(4), 531–582 (2006)CrossRefGoogle Scholar
  16. 16.
    Tolone, W., Ahn, G.-J., Pai, T., Hong, S.-P.: Access control in collaborative systems. ACM Comput. Surv. 37(1), 29–41 (2005)CrossRefGoogle Scholar
  17. 17.
    Xin, T., Ray, I.: A lattice-based approach for updating access control policies in real-time. Inf. Syst. 32(5), 755–772 (2007)CrossRefGoogle Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2009

Authors and Affiliations

  • Abdessamad Imine
    • 1
  • Asma Cherif
    • 1
  • Michaël Rusinowitch
    • 2
  1. 1.Nancy University and INRIA Nancy-Grand EstFrance
  2. 2.INRIA Nancy-Grand EstFrance

Personalised recommendations