SICR Feb 7, 2013

Relational Access Control with Bivalent Permissions in a Social Web/Collaboration Architecture

arXiv:1302.1901v1
1 citation
Originality: Incremental advance
AI Analysis

This paper addresses access control challenges for social web and collaboration systems, but it is incremental, as it builds on existing relational access control models.

The paper tackles the problem of access control in social web/collaboration architectures by introducing a bivalent relation object access control (BROAC) model that allows for both positive and negative permissions and resolves conflicts, with initial tests showing permission checking scales linearly in time.

We describe an access control model that has been implemented in the web content management framework "Deme" (which rhymes with "team"). Access control in Deme is an example of what we call "bivalent relation object access control" (BROAC). This model builds on recent work by Giunchiglia et al. on relation-based access control (RelBAC), as well as other work on relational, flexible, fine-grained, and XML access control models. We describe Deme's architecture and review access control models, motivating our approach. BROAC allows for both positive and negative permissions, which may conflict with each other. We argue for the usefulness of defining access control rules as objects in the target database, and for the necessity of resolving permission conflicts in a social Web/collaboration architecture. After describing how Deme access control works, including the precedence relations between different permission types in Deme, we provide several examples of realistic scenarios in which permission conflicts arise, and show how Deme resolves them. Initial performance tests indicate that permission checking scales linearly in time on a practical Deme website.
