ACCESS CONTROL RESEARCH FOR COOPERATION IN WEB-BASED KNOWLEDGE-SHARING SYSTEM
0
Citation
2
Reference
20
Related Paper
Abstract:
This paper introduces access control which traditionally researched in the field of information security into the area of collaborative system. We build an application-oriented access control mechanism and use it to analyze the fundamentality of access control to cooperation in a web-based knowledge-sharing system. The mechanism is simple but clear and verified by projects. We also hope readers can take advantage of the design of our access control mechanism and knowledge-sharing system which is common part of collaboration suites. Finally we find access control does contribute and help members to cooperate better in the system.Keywords:
Knowledge Sharing
Topics:
Cite
The widespread diffusion of Web-based services provided by public and private organizations emphasizes the need for a flexible solution for protecting the information accessible through Web applications. A promising approach is represented by credential-based access control and trust management. However, although much research has been done and several proposals exist, a clear obstacle to the realization of their benefits in data-intensive Web applications is represented by the lack of adequate support in the DBMSs. As a matter of fact, DBMSs are often responsible for the management of most of the information that is accessed using a Web browser or a Web service invocation. In this article, we aim at eliminating this gap, and present an approach integrating trust management with the access control of the DBMS. We propose a trust model with a SQL syntax and illustrate an algorithm for the efficient verification of a delegation path for certificates. Our solution nicely complements current trust management proposals allowing the efficient realization of the services of an advanced trust management model within current relational DBMSs. An important benefit of our approach lies in its potential for a robust end-to-end design of security for personal data in Web scenario, where vulnerabilities of Web applications cannot be used to violate the protection of the data residing on the database server. We also illustrate the implementation of our approach within an open-source DBMS discussing design choices and performance impact.
Credential
Cite
Citations (29)
Reduce Threats in Competitive Intelligence System: A Generic Information Fusion Access Control Model
Information fusion is a cornerstone of competitive intelligence activity that aims at supporting decision making by collecting, analyzing and disseminating information.This information comes from heterogeneous data sources.In this paper we present an approach of access control.This approach is focused both on the information that must be bring to decision-makers and the privacy of individuals whose data is used to extract this information.This model is based on the standard "Role Based Access Control" (RBAC) and is implemented within the entire life cycle of Xplor Every Where (Web service of Tetralogie), it follows methodologies tailored to design privacy-aware systems to be compliant with data protection regulations.
Information fusion
Cite
Citations (0)
As an effective measure to achieve information security, access control is important in WBA security Current approaches to access control for WBA are mostly based on individual users and they do not fit to enterprisewide systemsA new access control mechanism is presented The new mothod can meet the need in managing and enforcing the strong and efficient access control in largescale Web environments The implementation of new model on the Web is also illustrated
Cite
Citations (0)
Instant messaging
Shared resource
Cite
Citations (2)
Development of technology, progress and increase of information flow have the impact also on the development of enterprises and require rapid changes in their information systems. The growth and complexity of functionality that they currently should face cause that their design and realization become the difficult tasks and strategic for the enterprises at the same time. The informations systems store huge amount of data and allow to realize thousands of operations and business transactions on these data each day. In this case, it seems necessary to have the methods, techniques and tools that can make possibly the development of information system on level reflecting currently requirements.
The paper describes the aspects of access control management in information systems based on the concepts of roles. This concepts can be presented by the role-based access control model and its extensions defined during last years. The practical implementation of presented concepts was given in the form of platform for access control management that can be used by system developers and security administrators to support their job in assuring the security of data stored and processed in an information system and assuring the global coherence of access control rules in the whole system.
The proposed platform was based mainly on the approach connected with the access control model based on the role concept that reflects in the better way the company's organization on the access control level. The platform can be enrich with additional tool for access control administration with the use of other access control models.
Discretionary access control
Information flow
Cite
Citations (3)
Nowadays, organizations need to set higher and higher business goals in order to cope with market requirements. Indeed, a widespread strategy for organizations is to join in inter-organizational processes, which set collaborations and resource sharing among involved organizations. However, the possible lack of trust among the organizations poses relevant issues on the processing of sensitive resources. A promising approach to cope with this issue is leveraging on blockchain technology. Thanks to its design and consensus algorithm, blockchain provides a trustworthy infrastructure that allows partners involved in the collaboration to monitor and perform audits on the workflow transitions. In general, the focus of the existing blockchain-based workflow management solutions is mainly workflow coordination. However, a challenging characteristic of some workflows is that they require the exchange of a big amount of data that has to be managed off-chain, that is, directly exchanged between data producer and consumer. This off-chain data sharing should be secured and controlled such to follow the workflow execution.To cope with this challenge, in this paper, we propose a controlled information sharing in inter-organizational workflows enforced via smart contracts. Smart contracts are designed to coordinate the workflow execution, as well as to deploy a set of authorizations granting access only to the task executor and only to those resources needed for task execution and only during the task activation. We have also run a set of experiments to show the feasibility of our approach.
Executor
Information Sharing
Cite
Citations (13)
Business logic
Discretionary access control
Cite
Citations (29)
Cite
Citations (31)
Convergence of Blockchain, Autonomous Agents, and Knowledge Graph to Share Electronic Health Records
In this article, we discuss a data sharing and knowledge integration framework through autonomous agents with blockchain for implementing Electronic Health Records (EHR). This will enable us to augment existing blockchain-based EHR Systems. We discuss how major concerns in the health industry, i.e., trust, security and scalability, can be addressed by transitioning from existing models to convergence of the three technologies – blockchain, agent-based modeling, and knowledge graph in a decentralized ecosystem. Each autonomous agent is responsible for instantiating key processes, such as user authentication and authorization, smart contracts, and knowledge graph generation through data integration among the participating stakeholders in the network. We discuss a layered approach for the design of the proposed system leading to an enhanced, safer clinical decision-making system. This can pave the way toward more informed and engaged patients and citizens by delivering personalized healthcare.
Smart contract
SAFER
Data Sharing
Cite
Citations (17)