Research And Implementation On Multi-level Access Control Model For Computer Supported Cooperative Work Environment

Posted on: 2012-04-14
Degree: Doctor
Type: Dissertation
Country: China
Candidate: C H Ma
Full Text: PDF
GTID: 1118330371960645
Subject: Mechanical design and theory

Abstract/Summary:
With the rapid development of computer and network technologies, the traditional single-user work pattern has developed into a multi-user, group cooperative work pattern across multiple heterogeneous domains. The objective of Computer Supported Cooperative Work (CSCW) is to support groups of users across different domains in communicating and cooperating to complete common tasks via computers. CSCW has been widely applied to many applications, such as collaborative design, e-government, e-business, distance learning, remote medical systems and military command automation. Since CSCW is targeted towards making information and resources available to the collaborators who need them, CSCW applications are facing fiercer threats than before. Access control is one of the most important security services, and aims to ensure the confidentiality and integrity of shared information. Developing access control approaches for CSCW is a great challenge and an urgent mission. The contributions are as follows:

1. From the access control structure point of view, we analyse the factors related to access control policies in collaborative environments, including administrative domains, tasks, workflows, activities, roles, users and shared information. Based on the analysis, we classify cooperative work patterns into four forms: data-level collaboration, which means people have to share the same resource and may have no common objective; activity-level collaboration, which means more than two users need to participate in completing an activity; workflow-level collaboration, which means the common task can be divided into several activities of workflows; and task-level collaboration among multiple domains.

2. To address the expression of roles, role hierarchies and user-role assignments in collaborative environments with hundreds of roles, thousands of users and millions of permissions, we introduce the concepts of role characteristic code and role hierarchy information, and then propose an access control model suitable for data-level collaboration based on these concepts. Each role is associated with a characteristic code represented by a prime number. Different roles have different characteristic codes. Since the prime factorization of a product of prime numbers is unique, this greatly simplifies the expression of roles, role hierarchies and user-role assignments.

3. A collaborative access control model is proposed for activity-level collaboration. In collaborative environments, there exist cooperative activities that, because they are sensitive, require two or more different independent parties to be responsible for their completion. To protect the confidentiality and integrity of sensitive resources in these activities, the cooperation of different subjects is required to reduce the risk of fraud or error. Permissions related to these sensitive data can be granted to a subject only with the agreement of other subjects. If access to sensitive data requires different people, then committing fraud requires a conspiracy of at least two, which significantly raises the risk of disclosure and capture. In the model, the new concept of collaborative permission is introduced. A collaborative permission is a permission that can be granted only with the participation of multiple parties, and is defined as a regular RBAC permission constrained by a collaboration constraint specifying the conditions that collaborators must satisfy to gain it. Moreover, permission weight is defined to reflect the trust degree of a role in gaining a collaborative permission. The model makes it possible to define the collaboration among multiple subjects in gaining a permission and enables effective protection of the jointly owned resources of collaborators in cooperative activities.

4. A flexible access control model for workflows is presented. As an important collaborative technology, workflow management systems have been widely used in collaborative environments. To address the access requirements of workflows, we present a flexible access control model by introducing the concept of role authorization policy, which defines the authorization that can be performed during activity execution and the context constraints that should be satisfied. The model supports context-aware dynamic authorization and the synchronization of authorization with the execution of workflows.

5. A secure interoperation model for multidomain collaborative environments based on shared permissions is presented. The model can realize secure resource sharing and interoperation among different domains. It classifies the permissions of an administrative domain into two categories: private permissions, which can only be accessed by subjects within the domain, and sharing permissions, which can be shared by other domains. Security administrators can define constraints for a sharing permission according to its sensitivity, including subject validity constraints, role validity constraints, time-interval constraints and cardinality constraints. The enforcement of these constraints supports the least privilege principle among domains.

6. According to the requirements of collaborative product design and e-government, a system prototype is given to illustrate the implementation of the theory and technologies presented in this dissertation.
Keywords/Search Tags:Computer Supported Collaborative Work, Access Control, Multi-level, Role, Collaborative Access Control, Workflow, Administrative Domain
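
An added illustration of the prime characteristic code idea from contribution 2, not code from the dissertation. The role names, prime assignments, hierarchy, and the choice to encode a role's hierarchy information as the product of its own code and the codes of the roles it inherits are assumptions made for this example; the abstract does not give the exact encoding.

```python
from math import gcd, prod

# Constructed sample: every role gets a distinct prime as its characteristic code.
ROLE_CODE = {"engineer": 2, "reviewer": 3, "lead": 5, "auditor": 7}
# Constructed hierarchy: senior role -> roles it directly inherits from.
JUNIORS = {"lead": ["reviewer"], "reviewer": ["engineer"]}


def hierarchy_info(role):
    """Assumed encoding: product of the role's code and all inherited roles' codes."""
    seen, stack = set(), [role]
    while stack:
        r = stack.pop()
        if r not in seen:
            seen.add(r)
            stack.extend(JUNIORS.get(r, []))
    return prod(ROLE_CODE[r] for r in seen)


def assignment_code(roles):
    """A user's directly assigned roles as a single integer."""
    return prod(ROLE_CODE[r] for r in set(roles))


def effective_code(roles):
    """Assigned plus inherited roles; the LCM keeps each prime exactly once."""
    code = 1
    for r in set(roles):
        h = hierarchy_info(r)
        code = code * h // gcd(code, h)
    return code


def has_role(code, role):
    """Membership test is one divisibility check."""
    return code % ROLE_CODE[role] == 0


def decode(code):
    """Recover the role set; reject codes with unknown or repeated prime factors."""
    if code < 1:
        raise ValueError("invalid code")
    roles = set()
    for name, p in ROLE_CODE.items():
        if code % p == 0:
            roles.add(name)
            code //= p
    if code != 1:
        raise ValueError("unknown or repeated prime factor in code")
    return roles
```

Because factorization is unique, `decode` doubles as a validity check: a stored assignment code that does not reduce to 1 over the known role primes has been corrupted or tampered with and should be rejected rather than interpreted.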