KEYWORDS: Computer security, Information security, Data modeling, Plasma display panels, Instrument modeling, Control systems, Systems modeling, Solid modeling, Environmental sensing
Multi-user applications where two or more users are interacting with the same system through a shared interface e.g., large presentation touchscreens in meeting rooms to do situation analysis in a civil security context are becoming more and more frequent. Whilst traditional single user authorization scenarios seem to be a solved problem and there are some existing solutions for collaborative multi-user applications with a separate devices per user, methods for multi-user authorization, where a single device is in simultaneous usage, come with a set of new questions. It must be considered that several users work simultaneously on the same physical device so there is no way to create a separate view for every user that fits their access rights. Especially in the context of civil security it is very likely that there are several users with different security levels and the data displayed is potential highly sensitive. Therefore new strategies are needed to decide which content is shown when certain users with potentially completely different access rights work together. We will define those strategies by doing considerations how to realize authorization for a simultaneous collaborative multi-user workspace. This is done by extending the well-known Bell-LaPadula model for multi-user authorization by using different strategies regarding data confidentiality. The feasibility of our formal models is shown with an implementation in XACML, which is described in detail. With this it is already possible to integrate our model in real world applications, which we show with the Fraunhofer Digital Map Table.
Access to the requested content is limited to institutions that have purchased or subscribe to SPIE eBooks.
You are receiving this notice because your organization may not have SPIE eBooks access.*
*Shibboleth/Open Athens users─please
sign in
to access your institution's subscriptions.
To obtain this item, you may purchase the complete book in print or electronic format on
SPIE.org.
INSTITUTIONAL Select your institution to access the SPIE Digital Library.
PERSONAL Sign in with your SPIE account to access your personal subscriptions or to use specific features such as save to my library, sign up for alerts, save searches, etc.