Practical access control management for distributed collaborative editors

Asma Cherif 1 Abdessamad Imine 1 Michael Rusinowitch 1
1 CASSIS - Combination of approaches to the security of infinite states systems
FEMTO-ST - Franche-Comté Électronique Mécanique, Thermique et Optique - Sciences et Technologies (UMR 6174), Inria Nancy - Grand Est, LORIA - FM - Department of Formal Methods
Abstract : The project summarized in this article aims at developing techniques to support access control in Real-Time Distributed Collaborative Editors (RCE). The ever-increasing role of RCE in academic, industry and society comforts the expansion of data sharing and raises growing concerns about controlling access to this data. Indeed, RCE allow for a human–computer–human interaction in a decentralized fashion. Thus, access control for RCE requires a careful design since they need dynamic access changes and low latency access to shared document while maintaining its consistency.In this article, we propose a flexible access control model where the shared document and its authorization policy are replicated in the local memory of each user. To deal with latency and dynamic access changes, we use an optimistic access control technique in such a way that enforcement of authorizations is retroactive. Our model is generic enough to be deployed on the top of the most of existing logging-based collaborative systems. Indeed, it does not entail overheads and it does not affect the convergence of the shared document. We show that naive coordination between updates of both copies can create security holes on the shared document, by permitting illegal modifications or rejecting legal modifications and present our solutions to avoid these problems. Finally, we present a prototype for managing authorizations in collaborative editing work in a decentralized fashion. Thus our model may be deployed easily on mobile devices over P2P networks.
Complete list of metadatas

https://hal.archives-ouvertes.fr/hal-01094068
Contributor : Abdessamad Imine <>
Submitted on : Thursday, December 11, 2014 - 3:48:07 PM
Last modification on : Tuesday, December 18, 2018 - 4:38:25 PM

Identifiers

  • HAL Id : hal-01094068, version 1

Citation

Asma Cherif, Abdessamad Imine, Michael Rusinowitch. Practical access control management for distributed collaborative editors. Pervasive and Mobile Computing, Elsevier, 2014, pp.62-86. ⟨hal-01094068⟩

Share

Metrics

Record views

304