Loading…

Practical access control management for distributed collaborative editors

The project summarized in this article aims at developing techniques to support access control in Real-Time Distributed Collaborative Editors (RCE). The ever-increasing role of RCE in academic, industry and society comforts the expansion of data sharing and raises growing concerns about controlling...

Full description

Saved in:
Bibliographic Details
Published in:Pervasive and mobile computing 2014-12, Vol.15, p.62-86
Main Authors: Cherif, Asma, Imine, Abdessamad, Rusinowitch, Michaël
Format: Article
Language:English
Subjects:
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:The project summarized in this article aims at developing techniques to support access control in Real-Time Distributed Collaborative Editors (RCE). The ever-increasing role of RCE in academic, industry and society comforts the expansion of data sharing and raises growing concerns about controlling access to this data. Indeed, RCE allow for a human–computer–human interaction in a decentralized fashion. Thus, access control for RCE requires a careful design since they need dynamic access changes and low latency access to shared document while maintaining its consistency. In this article, we propose a flexible access control model where the shared document and its authorization policy are replicated in the local memory of each user. To deal with latency and dynamic access changes, we use an optimistic access control technique in such a way that enforcement of authorizations is retroactive. Our model is generic enough to be deployed on the top of the most of existing logging-based collaborative systems. Indeed, it does not entail overheads and it does not affect the convergence of the shared document. We show that naive coordination between updates of both copies can create security holes on the shared document, by permitting illegal modifications or rejecting legal modifications and present our solutions to avoid these problems. Finally, we present a prototype for managing authorizations in collaborative editing work in a decentralized fashion. Thus our model may be deployed easily on mobile devices over P2P networks.
ISSN:1574-1192
1873-1589
DOI:10.1016/j.pmcj.2013.09.004