Trust-based access control for privacy protection in collaborative environment

Proceedings - IEEE International Conference on e-Business Engineering, ICEBE 2009; IEEE Int. Workshops - AiR 2009; SOAIC 2009; SOKMBI 2009; ASOC 2009

Volumn , Issue , 2009, Pages 425-430

  Li, Min ^a   Wang, Hua ^a   Ross, David ^a  

^a UNIVERSITY OF SOUTHERN QUEENSLAND   (Australia)

Author keywords

[No Author keywords available]

Indexed keywords

ACCESS CONTROL MODELS; BUSINESS ENVIRONMENTS; COLLABORATIVE ENVIRONMENTS; PRIVACY LAW; PRIVACY POLICIES; PRIVACY PROTECTION; TRUST VALUES; TRUST-BASED ACCESS CONTROL;

ELECTRONIC COMMERCE; LAWS AND LEGISLATION; SECURITY SYSTEMS; TECHNICAL PRESENTATIONS;

ACCESS CONTROL;

EID: 77951006943     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/ICEBE.2009.66     Document Type: Conference Paper

References (26)

1. Atif, Y. (2000). Building trust in e-commerce. IEEE Internet Computing, 6(1), 18-24.
2. Bacon, J., Moody, K., and Yao, W. (2002). A model of OASIS role-based access control and its support for active security. ACM Transaction Information System Security, 5(4), 492-540.
3. Bonatti, P., and Samarati, P. (2002). A Unified Framework for Regulating Access and Information Release on the Web. In Journal of Computer Security, 10, 3, 241-271. (Pubitemid 34814466)
4. Bertino, E., Bonatti, P. A., and Ferrari, E. (2001). TRBAC: A temporal role-based access control model. ACM Transactions on Information and System Security, 4(3), 191-233.
5. Bettini, C., Jajodia, S.,Wang, X. S., and Wijesekera, D. (2002). Obligation monitoring in policy management. In Proceedings of the 3rd InternationlWorkshop on Policies for Distributed Systems and Networks, 2002.
6. Bettini, C., Jajodia, S.,Wang, X. S., and Wijesekera, D. (2002). Provisions and obligations in policy management and security applications. In Proceedings of the 28th VLDB Conference, 2002.
7. Chomicki, J., and Lobo, J. (2001). Monitors for history-based policies. In Proceedings of the 2nd Internationl Workshop on Policies for Distributed Systems and Networks, 2001.
8. Cahill, V., Gray, E., Seigneur, J. M., Jensen, C.D., Chen, Y., and Shand, B., et al. (2003). Using trust for secure collaboration in uncertain environments. IEEE Pervasive Computing, 2(3), 52-61.
9. Dimmock, N., Belokosztolszki, A., Eyers, D., Bacon, J., and Moody, K. (2004). Using trust and risk in role-based access control policies. In Proceedings of the Ninth ACM Symposium on Access Control Models and Technologies, New York, (pp. 156-162). ACM Press.
10. Denning, D. E. (1976). A lattice model of secure information. Communications of the ACM, vol.19, no.5, 1976.
11. Ferraiolo, D. F., Sandhu, R., Gavrila, S., Richard Kuhn, D., and Chandramouli, R. (2001). Proposed NIST Standard for Role-Based Access Control, ACM Transactions on Information and System Security, Volume 4, Number 3, August 2001. (Pubitemid 33275961)
12. Grandison, T., and Sloman, M. (2000). A survey of trust in Internet applications. IEEE Communications Surveys and Tutorials, 3(4).
13. Harrison, M. H., Ruzzo, W. L. and Ullman, J. D. (1976). Protection in Operating Systems, Communication of ACM, Vol 19, No.8, 1976.
14. Jajodia, S., Samarati, P., Sapino, M. L., and Subrahmanian, V. S. (2001). Flexible support for multiple access control policies. ACM Transaction Database System, 26(2), 214-260.
15. Li, N., Mitchell, J. C., and Winsborough, W. H. (2002). Design of a role-based trust management framework. In Proceedings of the IEEE Symposium on Security and Privacy, Washington, D.C., (p. 114).
16. Park, J., and Sandhu, R. S. (2004) The UCON usage control model. ACM Transaction Information System Security, 7(1), 128-174.
17. Powers, C. S. (2002). Privacy promises, access control, and privacy management. In ISEC 02: Proceedings of the Third International Symposium on Electronic Commerce, page 13, Washington, DC, USA, 2002. IEEE Computer Society.
18. Resnick, P., Kuwabara, K., Zeckhauser, R., and Friedman, E. (2000) Reputation systems. ACM Communications, 43(12), 45-48.
19. Sandhu, R., and Zhang, X. (2005). Peer-to-peer access control architecture using trusted computing technology. In Proceedings of the Tenth ACM Symposium on Access Control Models and Technologies, New York, (pp. 147-158). ACM Press.
20. Sandhu, R., Coyne, E., Feinstein, H., and Youman, C. (1996). Role-Based Access Control Models, IEEE Computer, Volume 29, Number 2, February 1996.
21. Xiong, L., and Liu, L. (2004). Peertrust: Supporting reputation-based trust for peer-to-peer electronic communities. IEEE Transaction Knowledge Data Engineering, 16(7), 843-857.
22. Yang, L., Kizza, J. M., Cemerlic, A., and Liu, F. (2007). Finegrained reputation-based routing in wireless ad hoc networks. In Proceedings of IEEE Intelligence and Security Informatics Conference (pp. 75-78). IEEE Computer Society Press. (Pubitemid 47469218)
23. Yao, W. T. M. (2003). Fidelis: A policy-driven trust management framework. In Proceedings of the First International Conference on Trust Management (LNCS 2692, p. 1071).
24. Wang, Y., and Vassileva, J., Trust and reputation model in collaborative networks. in Proc. 3rd IEEE Int. Conf. Collaborative Computing, pp.150- 157, 2003. (Pubitemid 41083669)
25. Winsborough, W. and Li, N. (2002). Towards Practical Automated Trust Negotiation. In Third International Workshop on Policies for Distributed Systems and Networks (POLICY 2002), Monterey, CA, June 2002.
26. OECD:Organisation for Economic Co-operation and Development. Oecd guidelines on the protection of privacy and transborder flows of personal data of 1980. Available at http://www.oecd.org/.