Abstract
During the last decade, organizations have been more and more aware of the benefits of engaging in collaborative activities. To attain a required collaborative objective, they are obligated to share sensitive resources such as data, services, and knowledge. However, sharing sensitive and private resources and exposing them for an external usage may prevent the organizations involved from collaborating. Therefore, this usage requires more preoccupation with security issues. Access control is one of these required security concerns. Several access control models are defined in the literature and this multitude of models creates heterogeneity of access control policies between the collaborating organizations. In this paper, we propose Access Control in Cross-Organizational coLLABoration ACCOLLAB, a solution for automatic mapping between heterogeneous access control policies in cross-organizational collaboration. To carry out this mapping, we suggest a mechanism founded mainly on XACML profiles and on a generic language derivative of XACML we define as Generic-XACML. We also formally prove that the mapping does not affect decision evaluation of policies. Thereby the proposed contribution ACCOLLAB allows each collaborating organization to communicate their access control policies and adopt other’s policies without affecting their existing access control systems.
Highlights
Introduction and MotivationCollaborative activities have received a lot of attention from organizations due to the important need to address specific and common goals, to combine knowledge, skills, and experiences, to share resources to meet a particular task
We propose Access Control in CrossOrganizational coLLABoration ACCOLLAB, a solution for automatic mapping between heterogeneous access control policies in cross-organizational collaboration
Authors in [18] propose a federated capability-based access control (FedCAC) system to tackle the challenges of access control for heterogeneous devices over IoT
Summary
Few works have tackled the heterogeneity of access control models problem [12,13,14], and none of them according to our knowledge has given a complete solution for automatic policy mapping between heterogeneous systems that covers both syntactic and semantic transformation. Reviewing the contributions presented in the literature in response to this challenge motivated us to believe in the need for a solution for collaborative access control that has the advantage to (1) tackle the heterogeneity in access control models, (2) allow automatic mapping of access control policies between collaborating organizations based on syntactic and semantic transformations, and (3) respect the legacy systems. The aim of our contribution ACCOLLAB is to propose a new mechanism that ensures mapping between heterogeneous models automatically This mechanism will help organizations to communicate their access control policies and adopt others’ policies automatically without affecting the existing access control systems.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
