skip to main content
10.1145/1860559.1860584acmconferencesArticle/Chapter ViewAbstractPublication PagesdocengConference Proceedingsconference-collections
research-article

Differential access for publicly-posted composite documents with multiple workflow participants

Published: 21 September 2010 Publication History

Abstract

A novel mechanism for providing and enforcing differential access control for publicly-posted composite documents is proposed. The concept of a document is rapidly changing: individual file-based, traditional formats can no longer accommodate the required mixture of differently formatted parts: individual images, video/audio clips, PowerPoint presentations, html-pages, Word documents, Excel spreadsheets, pdf files, etc. Multi-part composite documents are created and managed in complex workflows, with participants including external consultants, partners and customers distributed across the globe, with many no longer contained within one monolithic secure environment. Distributed over non-secure channels, these documents carry different types of sensitive information: examples include (a) an enterprise pricing strategy for new products, (b) employees' personal records, (c) government intelligence, and (d) individual medical records. A central server solution is often hard or impossible to create and maintain for ad-hoc workflows. Thus, the documents are often circulated between workflow participants over traditional, low security e-mails, placed on shared drives, or exchanged using CD/DVD or USB. The situation is more complicated when multiple workflow participants need to contribute to various parts of such a document with different access levels: for example, full editing rights, read-only, reading of some parts only, etc., for different users. We propose a full scale differential access control approach, enabling public posting of composite documents, to address these concerns.

References

[1]
}}JAR file Specification http://java.sun.com/j2se/1.5.0/docs/guide/jar/jar.html
[2]
}}HP Dialogue Live Software, Dialog Live Format (dlf) http://welcome.hp.com/country/uk/en/prodserv/software/eda/products/dialogue-live.html
[3]
}}MIME Encapsulation of Aggregate Documents, such as HTML (MHTML), http://www.rfc-editor.org/rfc/rfc2557.txt
[4]
}}OEBPS Container Format (OCF) 1.0, Recommended Specification September 11, 2006, available at http://www.idpf.org/ocf/ocf1.0/download/ocf10.htm
[5]
}}S. Battle, H. Balinsky, Modeling Composite Document Behavior with Concurrent Hierarchical Machines, Proceedings of the 9th ACM symposium on Document engineering, September 16--18, 2009, Munich, Germany
[6]
}}J. Boyer, C. Wiecha, R. Akolkar, A REST protocol and composite format for interactive web documents, Proceedings of the 9th ACM symposium on Document engineering, September 16--18, 2009, Munich, Germany
[7]
}}P. Thomas, D. Brailsford, Enhancing composite digital documents using XML-based standoff markup, Proceedings of the 5th ACM symposium on Document engineering, November 2--4, 2005, Bristol, UK
[8]
}}L. Villard, C. Roisin, N. Layaïda, An XML-Based Multimedia Document Processing Model for Content Adaptation LNCS 2023, Springer Verlag, pp.104--119, September, 2000.
[9]
}}OASIS eXtensible Access Control Markup Language (XACML),http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml, last accessed 7 July 2010.
[10]
}}E. Damiani, S. De Capitani di Vimercati, S. Paraboschi, P. Samarati, A fine-grained access control system for XML documents, ACM Transactions on Information and System Security (TISSEC), v.5 n.2, p.169--202, May 2002
[11]
}}SQLite, http://www.sqlite.org/, last accessed 7 July 2010.

Cited By

View all
  • (2016)Extension of access control policy in secure role-based workflow model2016 IEEE 10th International Conference on Application of Information and Communication Technologies (AICT)10.1109/ICAICT.2016.7991691(1-4)Online publication date: Oct-2016
  • (2015)Fine Grained Access of Interactive Personal Health RecordsProceedings of the 2015 ACM Symposium on Document Engineering10.1145/2682571.2797098(207-210)Online publication date: 8-Sep-2015
  • (2015)The Mask of ZoRRoKnowledge and Information Systems10.1007/s10115-014-0811-645:3(705-730)Online publication date: 1-Dec-2015
  • Show More Cited By

Index Terms

  1. Differential access for publicly-posted composite documents with multiple workflow participants

    Recommendations

    Comments

    Information & Contributors

    Information

    Published In

    cover image ACM Conferences
    DocEng '10: Proceedings of the 10th ACM symposium on Document engineering
    September 2010
    298 pages
    ISBN:9781450302319
    DOI:10.1145/1860559
    Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

    Sponsors

    In-Cooperation

    Publisher

    Association for Computing Machinery

    New York, NY, United States

    Publication History

    Published: 21 September 2010

    Permissions

    Request permissions for this article.

    Check for updates

    Author Tags

    1. access control
    2. composite document
    3. document security
    4. policy

    Qualifiers

    • Research-article

    Conference

    DocEng2010
    Sponsor:
    DocEng2010: ACM Symposium on Document Engineering
    September 21 - 24, 2010
    Manchester, United Kingdom

    Acceptance Rates

    DocEng '10 Paper Acceptance Rate 13 of 42 submissions, 31%;
    Overall Acceptance Rate 194 of 564 submissions, 34%

    Contributors

    Other Metrics

    Bibliometrics & Citations

    Bibliometrics

    Article Metrics

    • Downloads (Last 12 months)4
    • Downloads (Last 6 weeks)0
    Reflects downloads up to 19 Feb 2025

    Other Metrics

    Citations

    Cited By

    View all
    • (2016)Extension of access control policy in secure role-based workflow model2016 IEEE 10th International Conference on Application of Information and Communication Technologies (AICT)10.1109/ICAICT.2016.7991691(1-4)Online publication date: Oct-2016
    • (2015)Fine Grained Access of Interactive Personal Health RecordsProceedings of the 2015 ACM Symposium on Document Engineering10.1145/2682571.2797098(207-210)Online publication date: 8-Sep-2015
    • (2015)The Mask of ZoRRoKnowledge and Information Systems10.1007/s10115-014-0811-645:3(705-730)Online publication date: 1-Dec-2015
    • (2015)Handling Environment for Publicly Posted Composite DocumentsData-Driven Process Discovery and Analysis10.1007/978-3-662-46436-6_3(48-64)Online publication date: 22-Feb-2015
    • (2013)Access control requirements for structured document in cloud computingInternational Journal of Grid and Utility Computing10.1504/IJGUC.2013.0562444:2/3(95-102)Online publication date: 1-Sep-2013
    • (2011)Secure document engineeringProceedings of the 11th ACM symposium on Document engineering10.1145/2034691.2034746(269-272)Online publication date: 19-Sep-2011
    • (2011)Publicly posted composite documents with identity based encryptionProceedings of the 11th ACM symposium on Document engineering10.1145/2034691.2034740(239-248)Online publication date: 19-Sep-2011
    • (2011)Publicly Posted Composite Documents in Variably Ordered WorkflowsProceedings of the 2011IEEE 10th International Conference on Trust, Security and Privacy in Computing and Communications10.1109/TrustCom.2011.81(631-638)Online publication date: 16-Nov-2011
    • (2011)Premature silent workflow termination in publicly posted composite documents2011 IEEE International Conference on Systems, Man, and Cybernetics10.1109/ICSMC.2011.6083838(1292-1297)Online publication date: Oct-2011
    • (2010)APEXProceedings of the 10th ACM symposium on Document engineering10.1145/1860559.1860587(139-142)Online publication date: 21-Sep-2010

    View Options

    Login options

    View options

    PDF

    View or Download as a PDF file.

    PDF

    eReader

    View online with eReader.

    eReader

    Figures

    Tables

    Media

    Share

    Share

    Share this Publication link

    Share on social media