Access control is used in computer systems to control access to confidential data. In this thesis we focus on access control for dynamic collaborative environments where multiple users and systems access and exchange data in an ad hoc manner. In such environments it is difficult to protect confidential data using conventional access control systems, because users act in unpredictable ways. In this thesis we propose a new access control framework, called Auditbased Compliance Control (AC2). In AC2 user actions are not checked immediately (a-priori), like in conventional access control, but users must account for their actions at a later time (a-posteriori), by providing machinecheckable justification proofs to auditors. The logical proofs are based on policies received from other users, and other logged actions. AC2 has a rich policy language based on first-order logics, and it features an automated audit procedure. AC2 allows users to exchange and access confidential data in an ad hoc manner, and thus collaborate more easily. Applied in a medical setting, for example, doctors would be able to continue their work, regardless of authorization issues such as missing patient consent, and missing or outdated policies. Doctors can deal with these issues at a later time. Although this unconventional approach may seem, at first sight, inappropriate for practical applications, recently a similar design choice has been made for the Dutch national infrastructure for the exchange of electronic health records (AORTA). At the same time we are aware of the fact that it is a big step for organizations to change from a conventional access control mechanism (apriori) to a new mechanism. In this thesis we also take a more conventional approach by proposing two extensions to Role-based Access Control (RBAC) - an existing and widely used access control model. These extensions give users more ways of authorizing and deploying RBAC policy changes, thus favoring dynamic collaboration between users.
|Award date||2 Dec 2009|
|Place of Publication||Enschede|
|Publication status||Published - 2 Dec 2009|