Title :
Security Policies in Distributed CSCW and Workflow Systems
Author :
Ahmed, Tanvir ; Tripathi, Anand R.
Author_Institution :
Database Security Group, Oracle Corp., Redwood City, CA, USA
Abstract :
In this paper, multiuser collaboration systems are categorized into two groups-computer-supported cooperative work (CSCW) and workflow systems-based on a historic perspective of their introduction and on their emphasis on user- or process-centric interactions. The goal of the survey is to identify distinct security requirements-related to availability, integrity, confidentiality and privacy, and access leakage-of these systems. Existing role-based security models and their limitations to express security policies in distributed CSCW and workflow systems are presented. Last, we present an overview of a framework that we have developed to specify, verify, and enforce security policies in distributed CSCW systems.
Keywords :
authorisation; groupware; workflow management software; access leakage; computer supported cooperative work; distributed CSCW; multiuser collaboration system; process centric interaction; role based security model; security policy; system integrity; workflow system; Access control; Availability; Collaboration; Collaborative work; Data security; Government; Information security; Medical services; Privacy; Web services; Computer-supported cooperative work (CSCW); Web services; groupware; role-based access control (RBAC); security models; security-policy specification and verification; workflow;
Journal_Title :
Systems, Man and Cybernetics, Part A: Systems and Humans, IEEE Transactions on
DOI :
10.1109/TSMCA.2010.2046727
