Controlling access in multiuser interfaces

Abstract

Traditionally, access control has been studied in the areas of operating systems and database management systems. With the advent of multiuser interfaces, there is a need to provide access control in the user interface. We have developed a general framework for supporting access control in multiuser interfaces. It is based on the classical notion of an access matrix, a generalized editing-based model of user-application interaction, and a flexible model of user-user coupling. It has been designed to support flexible control of all significant shared operations, high-level specification of access control policies, and automatic and efficcent implementation of access control in a multiuser interface. It supports several new kinds of protected objects including sessions, windows, and hierarchical active variables; a large set of rights including not only the traditional semantic rights but also interaction and coupling rights; a set of inference rules for deriving default permissions; and a programming interface for implementing access control in multiuser interfaces. We have implemented the framework as part of a system called Suite. This article describes and motivates the framework using the concrete example of Suite, identifies some of the difficult issues we faced in its design, describes our preliminary experience with it, and suggests directions for future work.