Data Governance and Transparency for Collaborative Systems

Abstract: As social networks, shared editing platforms and other collaborative systems are becoming increasingly popular, the demands for proper protection of the data created and used within these systems grows. Yet, existing access control mechanisms are not suited for the challenges imposed by collaborative systems. Two main challenges should be addressed: collaborative specification of permissions, while ensuring an appropriate levels of control to the different parties involved, and enabling transparency in decisio… Show more

“…In addition, users can find challenges in understanding the effects of the specified policies (e.g., in terms of authorized users). This is because of the (possibly conflicting) protection requirements provided by multiple stakeholders [Hu et al 2013;Mahmudlu et al 2016] and because of the continued evolution of interpersonal relationships between users [Carminati and Ferrari 2010;Fong et al 2013]. This issue is further aggravated by the functionality for information sharing and community building provided by many existing community-centered systems (e.g., tagging).…”

“…Policy specification should be assisted by supporting interfaces that can help offset the burden from lay users, and address potential dependencies and inconsistencies (R5 and R6). Moreover, access control systems usually make decisions in a blackbox manner [Ghai et al 2010;Mahmudlu et al 2016] and do not inform users about the privacy risks arising from collaborative decisions. In the context of collaboration, where data can be administrated by several users with possibly conflicting privacy and sharing preferences, it should be possible for users to understand why a certain decision on their data has been taken and what the effect of such a decision is (R7).…”

“…The archetypes for a shared resource are used to determine the extent of control that users have over the object. Mahmudlu et al [2016] have extended the work in [Damen et al 2014] by proposing a general data governance framework for collaborative environments. This governance model relies on an archetype hierarchy to reason on and prioritize the degree of authority that users have over a shared resource based on their relation with the given resource.…”

“…Approaches for policy combination can be grouped in two main classes. Solutions like the ones in [Damen et al 2014;Mahmudlu et al 2016] use an authoritative approach in which the authorization requirements provided by the various entities are combined in a predefined manner. These solutions usually adopt or extend languages that allow the specification of federated access control policies such as OrBAC [Kalam et al 2003] and XACML [XACML v2.0 2005;XACML v3.0 2013], to support the collaborative authoring of access control policies.…”

“…Some steps in the direction of providing feedback on access decision making in collaborative systems have been done in [Damen et al 2014;Hu et al 2013;Mahmudlu et al 2016;. Hu et al [2013] provide the controllers of shared objects with feedback information to assess the effect of multi-party conflicts and, thus, evaluate the impact of collaborative authorizations within a social network site.…”

Survey on Access Control for Community-Centered Collaborative Systems

“…In addition, users can find challenges in understanding the effects of the specified policies (e.g., in terms of authorized users). This is because of the (possibly conflicting) protection requirements provided by multiple stakeholders [Hu et al 2013;Mahmudlu et al 2016] and because of the continued evolution of interpersonal relationships between users [Carminati and Ferrari 2010;Fong et al 2013]. This issue is further aggravated by the functionality for information sharing and community building provided by many existing community-centered systems (e.g., tagging).…”

“…Policy specification should be assisted by supporting interfaces that can help offset the burden from lay users, and address potential dependencies and inconsistencies (R5 and R6). Moreover, access control systems usually make decisions in a blackbox manner [Ghai et al 2010;Mahmudlu et al 2016] and do not inform users about the privacy risks arising from collaborative decisions. In the context of collaboration, where data can be administrated by several users with possibly conflicting privacy and sharing preferences, it should be possible for users to understand why a certain decision on their data has been taken and what the effect of such a decision is (R7).…”

“…The archetypes for a shared resource are used to determine the extent of control that users have over the object. Mahmudlu et al [2016] have extended the work in [Damen et al 2014] by proposing a general data governance framework for collaborative environments. This governance model relies on an archetype hierarchy to reason on and prioritize the degree of authority that users have over a shared resource based on their relation with the given resource.…”

“…Approaches for policy combination can be grouped in two main classes. Solutions like the ones in [Damen et al 2014;Mahmudlu et al 2016] use an authoritative approach in which the authorization requirements provided by the various entities are combined in a predefined manner. These solutions usually adopt or extend languages that allow the specification of federated access control policies such as OrBAC [Kalam et al 2003] and XACML [XACML v2.0 2005;XACML v3.0 2013], to support the collaborative authoring of access control policies.…”

“…Some steps in the direction of providing feedback on access decision making in collaborative systems have been done in [Damen et al 2014;Hu et al 2013;Mahmudlu et al 2016;. Hu et al [2013] provide the controllers of shared objects with feedback information to assess the effect of multi-party conflicts and, thus, evaluate the impact of collaborative authorizations within a social network site.…”

Survey on Access Control for Community-Centered Collaborative Systems

An Authorization Framework for Cooperative Intelligent Transport Systems

A Category-Based Framework for Privacy-Aware Collaborative Access Control