To effectively participate in modern collaborations, member organizations must be able to share specific data and functionality with collaboration partners, while ensuring their resources are safe from inappropriate access. This requires access control models, policies, and enforcement mechanisms for the shared resources. This paper specifically addresses how to reduce the information leaks caused by authorization policies used in collaborative computing environment. The basic principle is defining some labels that specify the information flow constraints, and assigning them to authorization policy components. The usages of labeled policy components must obey the information fiows constraints defined by the labels in order to avoid authorization policy components being misused. This label can also improve the authorization policy administration.
|Title of host publication||Proceedings of the 7th ACIS International Conference on Software Engineering, Artificial Intelligence, Networking, and Parallel/Distributed Computing|
|Publication status||Published - 20 Jun 2006|