Document and Author Promotion Strategies in the Secure Wiki Model

  • Kasper Lindberg
  • Christian Damsgaard Jensen
Part of the IFIP Advances in Information and Communication Technology book series (IFIPAICT, volume 374)


Wiki systems form a subclass of the more general Open Collaborative Authoring Systems, where content is created by a user community. The ability of anyone to edit the content is, at the same time, their strength and their weakness. Anyone can write documents that improve the value of the wiki-system, but this also means that anyone can introduce errors into documents, either by accident or on purpose.

A security model for wiki-style authoring systems, called the Secure Wiki Model, has previously been proposed to address this problem. This model is designed to prevent corruption of good quality documents, by limiting updates, to such documents, to users who have demonstrated their ability to produce documents of similar or better quality. While this security model prevents all user from editing all documents, it does respect the wiki philosophy by allowing any author who has produced documents of a certain quality to edit all other documents of similar or poorer quality. Moreover, authors who consistently produce top quality documents will eventually be allowed to edit all documents in the wiki.

Collaborative filtering is used to evaluate the quality of documents that an author has contributed to the system, thus determining what other documents that the author can edit. This collaborative filtering mechanism, determines the promotion and demotion of documents and authors in the Secure Wiki Model. The original Secure Wiki Model only considers explicit promotion and demotion of documents, authors are implicitly promoted/demoted depending on the promotion/demotion of the documents that they contribute. In this paper, we revisit the question of promotion of documents and authors and propose a new security policy with explicit promotion of authors. This policy also incorporates a new collaborative filtering mechanism with a higher degree of parametrisation, so that the new policy can be adapted to the specific needs of a particular wiki.


Security Policy Security Model Integrity Level Access Control Mechanism Sybil Attack 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


  1. 1.
    Biba, K.J.: Integrity considerations for secure computer systems. Technical Report MTR-3153, The MITRE Corporation, Bedford, Massachusetts, U.S.A. (1977)Google Scholar
  2. 2.
    Douceur, J.R.: The Sybil Attack. In: Druschel, P., Kaashoek, M.F., Rowstron, A. (eds.) IPTPS 2002. LNCS, vol. 2429, pp. 251–260. Springer, Heidelberg (2002), CrossRefGoogle Scholar
  3. 3.
    Jensen, C.D.: Security in Wiki-Style Authoring Systems. In: Ferrari, E., Li, N., Bertino, E., Karabulut, Y. (eds.) IFIPTM 2009. IFIP AICT, vol. 300, pp. 81–98. Springer, Heidelberg (2009)CrossRefGoogle Scholar
  4. 4.
    Sander, P.: Sikkerhed i wiki-lignende systemer. Master’s thesis, Technical University of Denmark, Department of Informatics & Mapthematical Modelling (2009) (in Danish)Google Scholar
  5. 5.
    Weissman, C.: Security controls in the adept-50 time-sharing system. In: Proceedings of the Fall Joint Computer Conference, Las Vegas, Nevada, U.S.A., November 18-20, pp. 119–133 (1969)Google Scholar

Copyright information

© IFIP International Federation for Information Processing 2012

Authors and Affiliations

  • Kasper Lindberg
    • 1
  • Christian Damsgaard Jensen
    • 1
  1. 1.Department of Informatics and Mathematical ModellingTechnical University of DenmarkDenmark

Personalised recommendations