Policy-driven role-based access management for ad-hoc collaboration

Ad-hoc collaboration is a newly emerged environment enabling distributed collaborators to share resources. The dynamic nature and unique sharing pattern in ad-hoc collaboration poses great challenges for security services to accommodate both access control and trust management requirements in providing controlled resource sharing. In this paper, we propose a comprehensive, integrated and implemented access management framework, called RAMARS, for secure digital information sharing in ad-hoc collaboration. Our framework incorporates a role-based approach to leverage the originator control, delegation and dissemination control. A trust awareness feature is integrated for dynamic user-role assignment based on user attributes. The access control polices are formally specified, and a peer-to-peer scientific information sharing system – ShareEnabler – is presented to demonstrate the feasibility of our approach. The performance evaluation of our prototype system with potential system improvements is also discussed.