Abstract
Collaborative portals are emerging as a viable technology to allow groups of individuals to easily author, create, update, and share content via easy-to-use Web-based interfaces, for example, MediaWiki, Microsoft’s Sharepoint, and so forth. From a security perspective, these products are often limited and coarse grained in their authorization and authentication. For example, in a Wiki, the security model is often at two ends of the spectrum: anonymous users with no authorization and limited access via readonly browsing vs. registered users with full-range of access and limited oversight in content creation and modification. However, in practice, such full and unfettered access may not be appropriate for all users and for all applications, particularly as the collaborative technology moves into commercial usage (where copyright and intellectual property are vital) or sensitive domains such as healthcare (which ushave stringent HIPAA requirements). In this chapter, we report on our research and development effort of a role-based access control for collaborative Web portals that encompasses and realizes security at the application level, the document level (authoring and viewing), and the look-and-feel of the portal itself.
TopIntroduction
Over the past decade, the World Wide Web (WWW) has come to the forefront as a viable means to allow individuals and organizations to collaborate. Consequently, web portals have emerged as a means to facilitate these interactions, ranging from information repositories to full-fledged authoring and document content collaboration. For instance, WebMD (http://www.hhs.gov/ocr/hipaa/). Utilizing existing collaborative portals in health care are likely to violate HIPPA, given the coarse level of access and limited accountability to content creation and modification; the security of patient/physician interactions simply could not be assured.
Key Terms in this Chapter
Brainstorm: Brainstorm is a toolkit for software requirements elicitation efforts.
Role-base Access Control (RBAC): RBAC is an access control model that reduces the administration overhead compared to other traditional access control models. In RBAC, permissions are assigned directly to roles, and then roles are assigned to users. As a result, permissions can change without changing user authorization.
Collaborative Web Portals: Collaborative Web Portals allow multiple users to work together on a particular subject. There are many web portals that support collaboration in various domains. Of particular note is Wikipedia, the largest free online encyclopedia.
XHTML: XHTML is an application of XML, a more restrictive subset of SGML. XHTML documents allow for automated processing to be performed using standard XML tools unlike complex parsers for HTML.
Axon: Axon is a collaborative web portal that supports fine-grained access control, multiple channel publication, business workflows, and an advanced document search.