Improving the Information Security of Collaborative Web Portals via Fine-Grained Role-Based Access Control-Reference-Cited by-同舟云学术

Improving the Information Security of Collaborative Web Portals via Fine-Grained Role-Based Access Control

Published:2010 Issue: Volume: Page:430-448
ISSN:
Container-title:Handbook of Research on Web 2.0, 3.0, and X.0
language:
Short-container-title:

Author:

Demurjian S.¹,Ren H.¹,Berhe S.¹,Devineni M.²,Vegad Sushil²,Polineni K.²

Affiliation:

1. University of Connecticut, USA

2. Serebrum Cooperation, USA

Abstract

Collaborative portals are emerging as a viable technology to allow groups of individuals to easily author, create, update, and share content via easy-to-use Web-based interfaces, for example, MediaWiki, Microsoft’s Sharepoint, and so forth. From a security perspective, these products are often limited and coarse grained in their authorization and authentication. For example, in a Wiki, the security model is often at two ends of the spectrum: anonymous users with no authorization and limited access via readonly browsing vs. registered users with full-range of access and limited oversight in content creation and modification. However, in practice, such full and unfettered access may not be appropriate for all users and for all applications, particularly as the collaborative technology moves into commercial usage (where copyright and intellectual property are vital) or sensitive domains such as healthcare (which ushave stringent HIPAA requirements). In this chapter, we report on our research and development effort of a role-based access control for collaborative Web portals that encompasses and realizes security at the application level, the document level (authoring and viewing), and the look-and-feel of the portal itself.

Publisher

IGI Global

Reference30 articles.

1. Attalah, M. (2000). Security issues in collaborative computing. In D. Chen & D. Lee (Eds.), Computing and combinatorics. (LNCS 4112, 2). Springer.

2. NSF Award #0611053 to Serebrum. (2006). BrainStorm-collaborative customer requirements elicitation for distributed software development.

3. Barka, E., & Sandhu, R. (2000). Framework for role-based delegation models. In Proceedings of the 16th Annual Computer Security Applications Conference (pp. 168-176). IEEE Computer Society

4. Bell, D., & La Padula, L. (1975). Secure computer systems: Mathematical foundations model. (Tech. Rep. M74-244). Bedford, MA: The Mitre Corporation.

5. Berhe, S., Demurjian, S., Ren, H., Devineni, R., Vegad, S., & Polineni, K. (n.d.). Axon–an adaptive collaborative Web portal. In Proceedings of 3rd International Workshop on Adaptation and Evolution in Web Systems Engineering. Retrieved from http://icwe2008.webengineering.org/Program/Workshops/