Title: A formal framework to support dynamic authorisation in collaborative environments

Authors: Simeon Veloudis; Dimitrios Baltatzis; Christos Ilioudis; George Pangalos

Addresses: Department of Information Technology, ATEI of Thessaloniki, P.O. Box 141 GR, TK57 400 Thessaloniki, Greece ' Informatics and Information Security Laboratory, Computers Division, Faculty of Technology, Aristotle University of Thessaloniki, Thessaloniki, 54124, Greece ' Department of Information Technology, ATEI of Thessaloniki, P.O. Box 141 GR, TK57 400 Thessaloniki, Greece ' Informatics and Information Security Laboratory, Computers Division, Faculty of Technology, Aristotle University of Thessaloniki, Thessaloniki, 54124, Greece

Abstract: A fundamental security problem in collaborative environments (CEs) is to control the admission of users to collaborations typically based on their job duty or skills. Current authorisation solutions for CEs focus on centralised policy management and are based on privilege credentials. In this paper, we propose a formal model that rigorously and unambiguously captures an innovative role structure, not solely dependent on naming methods, that takes into account organisational as well as functional characteristics to provide a practical role-assignment methodology between organisations in CEs. The applicability of our approach is investigated through a realistic case study.

Keywords: collaborative environments; authorisation management; formal methods; dynamic authorisations; dynamic access control; dynamic role assignment; role comparison methodology; role structure; authorisation control policy; role-based access control; security.

DOI: 10.1504/IJCSE.2014.060712

International Journal of Computational Science and Engineering, 2014 Vol.9 No.4, pp.278 - 291

Received: 18 Feb 2012
Accepted: 12 Apr 2012

Published online: 24 May 2014 *

Full-text access for editors Full-text access for subscribers Purchase this article Comment on this article