In Computer Supported Cooperative Work (CSCW), a group of users interact
and collaborate using shared objects towards some common objectives.
In the CSCW literature, computer supported collaboration ranges from real-time synchronous
collaboration, such as online conferencing and interactive
co-authoring of documents, to asynchronous workflow, such as collaboration
in an office environment.
Compared to traditional office automation workflow
where activities are predefined and can be scripted,
activities in real-time groupware systems are managed in an ad hoc manner.
Key issues in CSCW so far have been group
awareness, multi-user interfaces, concurrency control, and coordination policies within
the collaborating groups.
Here, however,
we address security policy specification models for collaboration
systems and policy enforcement in such systems.
This project involves the design of a policy-driven
middleware for building secure distributed collaboration systems from their
high level specifications. Our specification model supports nested
collaboration activities and
uses role-based security policies and event-count-based coordination
specifications. From the specification of a collaboration environment,
appropriate policy modules are derived for enforcing security and coordination
requirements. A policy-driven distributed middleware provides services
to the users to join roles in an activity,
perform role specific operations, or create new activities.
In our model, a policy-driven collaboration system is realized in three
steps. First, the coordination and
security policy for a collaboration is specified according to a schema.
From the specification, policy modules are derived for the different kinds of
requirements:
role-based security, object-level access control, and event notification for coordination.
Finally, through these modules, the collaboration environment is realized
by a generic middleware.
We have developed a specification model using XML,
in which a collaborative system is defined in terms of activities, roles and objects.
The model allows dynamic assignment of roles,
"separation of duties" constraints, multiple users participating in a role, active
security policies,
and hierarchical activity definitions.
The constraints and challenges in
designing such a middleware are as follows:
-
Not all nodes within a distributed system can be trusted. Collaborating users work within their own
local environments, which can be tampered with, and therefore policy enforcement
and verification cannot be carried out at the user's end. However, within the
system, certain nodes may be designated as "trusted".
Management activities and storage of shared data may take
place at such nodes.
-
Each user in the system has a view of the policy, which is specific to
his/her role. These views need to be securely distributed to the collaborating
users. Due to the dynamic nature of the specification, these views may
change at runtime and need to be appropriately updated.
-
Policies are required for secure storage of shared objects in a collaboration environment.
Access control policies for an object can change based on context-specific conditions
of a collaboration. During the life cycle of an object,
the trusted nodes for the object can change.
Roles within different activities represent different entities and need to be
managed in their own domain of trust.
Role management policies have to be
established.
-
Operations performed by users need to be securely communicated
to other parties for coordination and security purposes. Enforcement
of coordination conditions must be delegated only to trusted nodes.