Access Control for Cross Organizational Collaboration


2012, Doctor of Philosophy (Ph.D.), University of Dayton, Electrical Engineering.
Access control must provide a secure environment for collaboration among independent organizations with different policies, systems, and locations. In addition, a climate of trust needs to be fostered to encourage collaborators to focus more on sharing than on self-protection. Privacy preservation is also indispensable for protecting personal information. The objective of this work is to address these requirements by building a comprehensive model that provides flexible and fine-grained access control across organizational boundaries. First, the scope of the model is defined through a discussion of three taxonomies: access control models, the relationships between resources and attacks, and attributes. The core model is then developed based on Attribute Based Access Control (ABAC). A few new concepts, including requests, prerequisites, and obligations, are introduced. A decision-making procedure is designed so that pre-determined access control decisions can be revoked during a session, which greatly improves the flexibility of the model. Since conflicting decisions may be drawn from different policies, an analysis of possible reasons is performed. Combination principles are then designed to enable automatic merging of policies without human intervention. Another contribution here is trust-based attribute management. Despite the fact that attributes are important factors that directly affect access control, few research efforts have been made to maintain their correctness and exactness in a timely manner. To address this, a systematic definition of the lifecycle of an attribute is provided, along with definitions of management subjects, objects, and operations. Trust levels of subjects are then used to determine who performs these operations and when. The values of trust levels are determined using algorithms developed based on parameters such as collaboration level, recommendation, and reputation. The trustworthiness of attributes is also discussed.
The requirement of privacy preservation is addressed in two stages. First, concepts such as purpose, usage period, and disclosure are defined and incorporated into decision making functions of the model. Second, an object is disintegrated into different views with different levels of specialization and generalization. Each view is then associated with at least one pud (purpose, usage period, and disclosure). The introduction of disclosure provides a paradigm for the second use and dissemination of information. Finally, future research directions and work, including those regarding the implementation, are discussed.
John S. Loomis (Advisor)
149 p.

Recommended Citations


  • Zhu, J. (2012). Access Control for Cross Organizational Collaboration [Doctoral dissertation, University of Dayton]. OhioLINK Electronic Theses and Dissertations Center. http://rave.ohiolink.edu/etdc/view?acc_num=dayton1334690364

    APA Style (7th edition)

  • Zhu, Jian. Access Control for Cross Organizational Collaboration. 2012. University of Dayton, Doctoral dissertation. OhioLINK Electronic Theses and Dissertations Center, http://rave.ohiolink.edu/etdc/view?acc_num=dayton1334690364.

    MLA Style (8th edition)

  • Zhu, Jian. "Access Control for Cross Organizational Collaboration." Doctoral dissertation, University of Dayton, 2012. http://rave.ohiolink.edu/etdc/view?acc_num=dayton1334690364

    Chicago Manual of Style (17th edition)