The Community for Technology Leaders
RSS Icon
Subscribe
Issue No.06 - June (2009 vol.21)
pp: 840-853
Hua Wang , University of Southren Queensland, Toowoomba
Yanchun Zhang , Victoria University, Melbourne
Jinli Cao , La Trobe University, Melbourne
ABSTRACT
A global education system, as a key area in future IT, has fostered developers to provide various learning systems with low cost. While a variety of e-learning advantages has been recognized for a long time and many advances in e-learning systems have been implemented, the needs for effective information sharing in a secure manner have to date been largely ignored, especially for virtual university collaborative environments. Information sharing of virtual universities usually occurs in broad, highly dynamic network-based environments, and formally accessing the resources in a secure manner poses a difficult and vital challenge. This paper aims to build a new rule-based framework to identify and address issues of sharing in virtual university environments through role-based access control (RBAC) management. The framework includes a role-based group delegation granting model, group delegation revocation model, authorization granting, and authorization revocation. We analyze various revocations and the impact of revocations on role hierarchies. The implementation with XML-based tools demonstrates the feasibility of the framework and authorization methods. Finally, the current proposal is compared with other related work.
INDEX TERMS
E-learning, RBAC, role-based delegation, revocation.
CITATION
Hua Wang, Yanchun Zhang, Jinli Cao, "Effective Collaboration with Information Sharing in Virtual Universities", IEEE Transactions on Knowledge & Data Engineering, vol.21, no. 6, pp. 840-853, June 2009, doi:10.1109/TKDE.2008.132
REFERENCES
[1] M. Abadi, M. Burrows, B. Lampson, and G. Plotkin, “A Calculus for Access Control in Distributed Systems,” ACM Trans. Programming Languages and Systems, vol. 15, no. 4, pp. 706-734, 1993.
[2] G. Ahn, B. Mohan, and S. Hong, “Towards Secure Information Sharing Using Role-Based Delegation,” J. Network and Computer Applications, vol. 30, no. 1, pp. 42-59, 2007.
[3] G. Ahn and R. Sandhu, “Role-Based Authorization Constraints Specification,” Information and System Security, vol. 3, no. 4, pp.207-226, 2000.
[4] G. Ahn and R. Sandhu, “Decentralized User Group Assignment in Windows NT,” J. Systems and Software, vol. 56, no. 1, pp. 39-49, 2001.
[5] M. Arenas and L. Libkin, “A Normal Form for XML Documents,” ACM Trans. Database Systems, vol. 29, no. 1, pp. 195-232, 2004.
[6] T. Aura, “Distributed Access-Rights Management with Delegation Certificates,” Security Internet Programming, pp. 211-235, 1999.
[7] E. Barka and R. Sandhu, “Framework for Role-Based Delegation Models and Some Extensions,” Proc. 16th Ann. Computer Security Applications Conf. (ACSAC '00), pp. 168-177, 2000.
[8] R. Baskerville, “Hacker Wars: e-Collaboration by Vandals and Warriors,” Int'l J. e-Collaboration, vol. 2, no. 1, pp. 1-16, 2006.
[9] D.E. Bell and L.J. La Padula, “Secure Computer System: UnifiedExposition and Multics Interpretation,” Technical Report ESD-TR-75-306, 1976.
[10] E. Bertino, P. Bonatti, and E. Ferrari, “TRBAC: A Temporal Role-Based Access Control Model,” ACM Trans. Information and System Security, vol. 4, no. 3, pp. 191-233, 2001.
[11] K. El-Khatib, L. Korba, Y. Xu, and G. Yee, “Privacy and Security in E-Learning,” Int'l J. Distance Education Technologies, vol. 1, no. 4, pp. 11-30, 2003.
[12] H.L. Feinstein, “Final Report: Nist Small Business Innovative Research (SBIR) Grant: Role Based Access Control: Phase 1,” technical report, SETA, 1995.
[13] D. Ferraiolo, J. Cugini, and R. Kuhn, “Role-Based Access Control (RBAC): Features and Motivations.,” Proc. 11th Ann. Computer Security Applications Conf. (ACSAC '95), pp. 241-248, 1995.
[14] D.F. Ferraiolo, J.F. Barkley, and D.R. Kuhn, “Role-Based Access Control Model and Reference Implementation within a Corporate Intranet,” ACM Trans. Information and System Security, vol. 2, pp.34-64, 1999.
[15] J. Frolik and T.M. Weller, “Wireless Sensor Systems: An Approach for a Multiuniversity Design Course,” IEEE Trans. Education, vol. 45, no. 2, pp. 135-141, 2002.
[16] G. White, “The Changing Landscape: e-Learning in Schools,” technical report at education.au limited, http://www.education. edu.au/paperschanging_landscape_gw.pdf , 2003.
[17] C. Ghaoui and W.A. Janvier, “Interactive e-Learning,” Int'l J. Distance Education Technologies, vol. 2, no. 3, pp. 23-35, 2004.
[18] A. Hagstrom, S. Jajodia, F. Presicce, and D. Wijesekera, “Revocations—A Classification,” Proc. 14th IEEE Computer Security Foundations Workshop (CSFW '01), pp. 44-58, 2001.
[19] J. Joshi, E. Bertino, U. Latif, and A. Ghafoor, “An Analysis of Expressiveness and Design Issues for the Generalized Temporal Role-Based Access Control Model,” IEEE Trans. Dependable and Secure Computing, vol. 2, no. 2, pp. 157-175, Apr.-June 2005.
[20] J. Joshi, E. Bertino, U. Latif, and A. Ghafoor, “A Generalized Temporal Role-Based Access Control Model,” IEEE Trans. Knowledge and Data Eng., vol. 17, no. 1, pp. 4-23, Jan. 2005.
[21] N. Li and B.N. Grosof, “A Practically Implementation and Tractable Delegation Logic,” Proc. IEEE Symp. Security and Privacy (S&P '00), pp. 27-42, 2000.
[22] H. Lowe, A.M. Wallis, and J. Newman, “Role-Based Access Control for Vicarious Learning,” Proc. European Conf. E-Learning (ECEL '02), pp. 43-50, 2002.
[23] H. Lu, “Open Multi-Agent Systems for Collaborative Web-Based Learning,” Int'l J. Distance Education Technologies, vol. 2, no. 2, pp.36-45, 2004.
[24] C. McNamara, “Basics of Delegating,” http://www.management help.org/guiding/delegate basics.htm, 2008.
[25] J. Mendling, G. Neumann, A. Pinterits, B. Simon, and F. Wild, “Indirect Revenue Models for e-Learning at Universities—The Case of learn@wu,” Proc. E-Learning Workshop, Sept. 2004.
[26] H. Michael, XSLT Programmer's Reference. Wiley, 2001.
[27] S. Neely, H. Lowe, D. Eyers, J. Bacon, J. Newman, and X. Gong, “An Architecture for Supporting Vicarious Learning in a Distributed Environment,” Proc. ACM Symp. Applied Computing (SAC '04), pp. 963-970, 2004.
[28] M. Nyanchama and S. Osborn, “Role-Based Security: Pros, Cons and Some Research Directions,” ACM SIGSAC Rev., pp. 11-17, 1993.
[29] R. Sandhu, “Rational for the RBAC96 Family of Access Control Models,” Proc. First ACM Workshop Role-Based Access Control (RBAC '97), pp. 64-72, 1997.
[30] S. Seufert, “E-Learning Business Models: Framework and Best Practice Examples,” Idea Group, pp. 11-36, 2001.
[31] T.F. Stafford, “Understanding Motivations for Internet Use in Distance Education,” IEEE Trans. Education, vol. 48, no. 2, pp.301-306, 2005.
[32] W. Tolone, G. Ahn, T. Pai, and S. Hong, “Access Control in Collaborative Systems,” ACM Computing Surveys, vol. 37, no. 1, pp. 29-41, 2005.
[33] H. Wang, J. Cao, and Y. Zhang, “Formal Authorization Allocation Approaches for Permission-Role Assignments Using Relational Algebra Operations,” Proc. 14th Australian Database Conf. (ADC), 2003.
[34] H. Wang, J. Cao, and Y. Zhang, “An Electronic Payment Scheme and Its RBAC Management,” Concurrent Eng.: Research and Application, vol. 12, no. 3, pp. 247-275, 2004.
[35] H. Wang, J. Cao, and Y. Zhang, “A Flexible Payment Scheme and Its Role Based Access Control,” IEEE Trans. Knowledge and Data Eng., vol. 17, no. 3, pp. 425-436, Mar. 2005.
[36] H. Wang, Y. Zhang, J. Cao, and V. Varadharajan, “Achieving Secure and Flexible M-Services through Tickets,” IEEE Trans. Systems, Man, and Cybernetics, Part A, special issue on M-Services, pp. 697-708, 2003.
[37] E. Weippl, Security in e-Learning, vol. 16. Springer, 2005.
[38] E. Weippl and G. Quirchmayr, “Revisiting Mandatory Access Control: Improving the Security of e-Learning Systems,” Proc. 13th Int'l Conf. Comm. and Computer Networks (ICCCN '04), pp.118-126, 2004.
[39] W. Yao, K. Moody, and J. Bacon, “A Model of Oasis Role-Based Access Control and Its Support for Active Security,” Proc. ACMSymp. Access Control Models and Technologies (SACMAT '01), pp. 171-181, 2001.
[40] L. Zhang, G. Ahn, and B. Chu, “A Rule-Based Framework for Role-Based Delegation,” Proc. ACM Symp. Access Control Models and Technologies (SACMAT '01), pp. 153-162, May 2001.
[41] L. Zhang, G. Ahn, and B. Chu, “A Role-Based Delegation Framework for Healthcare Information Systems,” Proc. ACM Symp. Access Control Models and Technologies (SACMAT '02), pp.125-134, June 2002.
[42] L. Zhang, G. Ahn, and B. Chu, “A Rule-Based Framework for Role-Based Delegation and Revocation,” ACM Trans. Information and System Security, vol. 6, no. 3, pp. 404-441, 2003.
24 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool