Abstract

Traditionally, access control solutions have focused on how to utilize a specific type of decision parameter for access control decisions. While these “decision parameter”-focused approaches have been well accepted, they typically consider access control with centralized administration. Smart and collaborative computing systems (SCSs) such as online social networks, the Internet of Things (IoT) and connected cyber-physical systems (CPSs) require a disparate approach to meet their unique and complex access control requirements primarily because there are multiple participants who create, share, manage and protect resources (e.g., files, smart devices) individually, collaboratively or even competitively. A distinct feature of SCSs is the diffuse nature of control activities and their complex influence on other activities. Activity control (ACON) extends the scope of traditional access control models and considers how multiple administrative authorities (including users) can manage complex and interacting usage, service and control activities. In this paper, we articulate key characteristics and limitations of various existing access control models and highlight the significance and necessity of activity control in smart collaborative ecosystems. We then propose an extended ACON framework for catering to the needs of dynamic SCSs. Furthermore, we compare existing access control design principles and propose a set of activity control design principles for smart and collaborative computing systems. The proposed ACON framework and design principles will provide a solid foundation for secure SCS design and development.

Highlights

  • With the advancement of smart and collaborative computing technologies and their applicable security solutions, various applications for smart and collaborative information sharing and management have emerged and gained increasing popularity

  • Access decisions are made collectively based on policies that are administered by multiple administrative authorities such as device owners/administrators, users whose information is included in contents, cloud service providers, security administrators and 3rd-party applications

  • The proposed Activity control (ACON) framework and design principles provide a guideline for activity control system design and development and help researchers and practitioners understand modern access control systems for smart and collaborative computing systems

Read more

Summary

INTRODUCTION

With the advancement of smart and collaborative computing technologies and their applicable security solutions, various applications for smart and collaborative information sharing and management have emerged and gained increasing popularity. Access decisions are made collectively based on policies that are administered by multiple administrative authorities such as device owners/administrators, users whose information is included in contents, cloud service providers, security administrators and 3rd-party applications This smart and connected ecosystem offers endless opportunities in terms of safety, health care, accessibility, and economic growth. The proposed ACON framework and design principles provide a guideline for activity control system design and development and help researchers and practitioners understand modern access control systems for smart and collaborative computing systems. 2 While the proposed ACON framework and design principles are developed mainly to support some of the unique characteristics found in smart and collaborative systems, we believe they are applicable to other computing systems that involve multiple participants who may want/need to control other participants’ access.

RELATED WORK
EXTENDING ACTIVITY CONTROL FOR SMART AND COLLABORATIVE SYSTEMS
ACTORS AND TARGETS IN ACON
ACCESS CONTROL PRINCIPLES
PROTECTION MECHANISM DESIGN PRINCIPLES BY SALTZER AND SCHROEDER
ACTIVITY CONTROL DESIGN PRINCIPLES
Findings
VIII. CONCLUSION

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.