Abstract
In this paper, multiuser collaboration systems are categorized into two groupscomputer-supported cooperative work (CSCW) and workflow systemsbased on a historic perspective of their introduction and on their emphasis on user- or process-centric interactions. The goal of the survey is to identify distinct security requirementsrelated to availability, integrity, confidentiality and privacy, and access leakageof these systems. Existing role-based security models and their limitations to express security policies in distributed CSCW and workflow systems are presented. Last, we present an overview of a framework that we have developed to specify, verify, and enforce security policies in distributed CSCW systems.
| Original language | English (US) |
|---|---|
| Article number | 5464271 |
| Pages (from-to) | 1220-1231 |
| Number of pages | 12 |
| Journal | IEEE Transactions on Systems, Man, and Cybernetics Part A:Systems and Humans |
| Volume | 40 |
| Issue number | 6 |
| DOIs | |
| State | Published - Nov 2010 |
Bibliographical note
Funding Information:Manuscript received August 12, 2008; revised June 8, 2009. Date of publication May 18, 2010; date of current version October 15, 2010. This work was supported by the National Science Foundation under Grants 0082215 and 0411961. This work was part of Tanvir Ahmed’s doctoral dissertation [1]. This paper was recommended by Associate Editor M. P. Fanti.
Keywords
- Computer-supported cooperative work (CSCW)
- Web services
- groupware
- role-based access control (RBAC)
- security models
- security-policy specification and verification
- workflow