Access control for cross organizational collaboration

Date of Award


Degree Name

Ph.D. in Electrical Engineering


Department of Electrical and Computer Engineering


Advisor: John S. Loomis


Access control must provide a secure environment for collaboration among independent organizations with different policies, systems, and locations. In addition, a trust climate needs to be fostered to encourage collaborators to focus more on sharing than on self-protecting. Privacy preservation is also an indispensable part to protect personal information. The objective of this work is to address these requirements by building a comprehensive model that provides flexible and fine-grained access control across organizational boundaries. First the scope of the model is defined according to the discussion of three taxonomies: access control models, the relationships between resources and attacks, and attributes. The core model is then developed based on Attribute Based Access Control (ABAC). A few new concepts including requests, prerequisites, and obligations are introduced. A decision making procedure is designed in a way that pre-determined access control decisions can be revoked during a session, which greatly improves the flexibility of the model. Since conflicting decisions may be drawn from different policies, an analysis of possible reasons is performed. Combination principles are then designed to enable automatic merging of policies without human intervention. Another contribution here is trust based attribute management. Despite of the fact that attributes are important direct impacting factors for access control, few research efforts were made to maintain their correctness and exactness in a timely manner. To address this, a systematic definition of the lifecycle of an attribute is provided along with definitions of management subjects, objects, and operations. Trust levels of subjects are then used to determine who and when to perform these operations. The values of trust levels are determined using algorithms developed based on parameters such as collaboration level, recommendation, and reputation. The trustworthiness of attributes is also discussed. The requirement of privacy preservation is addressed in two stages. First, concepts such as purpose, usage period, and disclosure are defined and incorporated into decision making functions of the model. Second, an object is disintegrated into different views with different levels of specialization and generalization. Each view is then associated with at least one pud (purpose, usage period, and disclosure). The introduction of disclosure provides a paradigm for the second use and dissemination of information. Finally, future research directions and work, including those regarding the implementation, are discussed.


Institutional cooperation Security measures, Computer systems Access control, Data protection

Rights Statement

Copyright © 2012, author