ControllingAccessinCollaborativeEnvironments.docVIP

Controlling Access in Collaborative Environments Srinivas Krishnan University of North Carolina at Chapel Hill krishnan@cs.unc.edu Abstract In collaborative systems users require varied access to a set of shared resources. Unlike traditional OS-centric access control systems, these systems need dynamic access changes and low latency access to resources. In this paper we shall study access control systems as applied in a distributed collaborative environment, and explore strategies that allow for “low-latency” access operations by using a methodology known as “optimistic access control”. We shall also briefly discuss strategies used to solve the problem of update ordering in a replicated access control system. Finally, we shall study a p2p environment, which allows for building a highly resilient access control system. Introduction Collaborative systems strive to provide an interface for users to work on a shared resource. Each one of these collaborative sessions however consists of users who have varying trust levels of each other. This leads to a middleware providing a layer of protection around the shared resource, and allowing each user to access the shared resource in a manner that will not breach the “degree of trust” present amongst the participants. The layer of protection is provided by the access control mechanisms present in the system. Traditional access control mechanisms have relied on a “deny-first” mechanism. This model however does not apply directly to collaborative models, whose aim is foster sharing of information. Further, unlike traditional single-user models, collaborative applications have to allow for dynamic change of access permissions, as users can join and leave in an ad-hoc manner. This leads to building access control systems for an N-user collaborative environment becoming a challenging distributed systems problem. Access Control is a function of the information it is trying to protect. A defense contractor working on a proposal a