Access Control for Ad-hoc Collaboration (Thesis)

December 2000
With the advent of networks that span administrative
domains, increasing mobility, and even global-area networks, we find
ourselves more and more often in situations where we do not know the
potential parties accessing our computer systems. Yet we choose to
collaborate with those parties: for example, we frequently browse
unknown Web sites, or invite unknown clients to access our servers.
We call a scenario in which parties that do not necessarily trust
each other, or even know each other, choose to collaborate an
ad-hoc collaboration.

This dissertation investigates how we can protect our sensitive
resources in the presence of ad-hoc collaboration. In particular, we
study three ad-hoc collaboration scenarios and propose novel access
control schemes for each of them. In our first system we propose and
implement an access control mechanism for distributed Java
applications that can span administrative domains. It uses an access
control logic to allow servers to reason about the access privileges
of unknown clients. Our second system presents a simple security
model for the personal computer, in which the user's workstation is
divided into multiple desktops. Each desktop is sealed off from the
others, confining the possibly dangerous results of ad-hoc
collaboration. Our last system investigates ad-hoc collaboration with
hand-held computers. We present a framework that allows developers to
write "split applications": part of the application runs on a
trusted, but computationally limited, small computer, and part of
the application runs on an untrusted, but more powerful, PC.
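To make the first system's idea concrete, the following is an added example (not code from the dissertation, and not its actual logic) of how a server can reason about an unknown client's privileges. It assumes a small delegation logic in the "speaks-for" style: the server's own policy roots issue grants, a principal may hand off its authority by asserting that someone speaks for it, and anything said by a delegate counts as said by the principal it speaks for. Principal names, rights and the object path are constructed sample data.

```python
"""Minimal speaks-for delegation reasoner (added example; assumed logic, not the thesis's).

A statement is (issuer, claim). Claim shapes used here (constructed for this example):
  ("speaks_for", a, b)     a speaks for b; accepted only if issued by b or by someone
                           who already speaks for b (hand-off of b's own authority)
  ("may", p, right, obj)   p may perform `right` on `obj`; accepted only if issued by
                           a policy root or by someone who speaks for a root
An unknown client is authorized if it (transitively) speaks for some principal
that holds a matching grant.
"""
from typing import Iterable, List, Set, Tuple

Claim = Tuple[str, ...]
Statement = Tuple[str, Claim]


def _reachable(start: str, edges: Set[Tuple[str, str]]) -> Set[str]:
    """Principals that `start` speaks for, transitively, including itself."""
    seen = {start}
    frontier = [start]
    while frontier:
        p = frontier.pop()
        for a, b in edges:
            if a == p and b not in seen:
                seen.add(b)
                frontier.append(b)
    return seen


def derive(statements: Iterable[Statement], roots: Set[str]):
    """Fixpoint over the statements: returns (accepted speaks_for edges, accepted grants).

    The loop re-scans until nothing new is accepted, so the order in which
    credentials arrive does not matter.
    """
    stmts: List[Statement] = list(statements)
    speaks: Set[Tuple[str, str]] = set()
    grants: Set[Tuple[str, str, str]] = set()
    changed = True
    while changed:
        changed = False
        for issuer, claim in stmts:
            # Everything `issuer` says is also said by every principal it speaks for.
            on_behalf_of = _reachable(issuer, speaks)
            if claim[0] == "speaks_for":
                _, a, b = claim
                # Only b (or b's delegates) may hand off b's authority.
                if b in on_behalf_of and (a, b) not in speaks:
                    speaks.add((a, b))
                    changed = True
            elif claim[0] == "may":
                _, p, right, obj = claim
                # Only a policy root (or its delegates) may issue grants.
                if on_behalf_of & roots and (p, right, obj) not in grants:
                    grants.add((p, right, obj))
                    changed = True
    return speaks, grants


def authorized(client: str, right: str, obj: str,
               statements: Iterable[Statement], roots: Set[str]) -> bool:
    """True if `client` speaks for some principal holding (principal, right, obj)."""
    speaks, grants = derive(statements, roots)
    return any((q, right, obj) in grants for q in _reachable(client, speaks))


# Constructed sample: the server trusts only itself as a policy root.
ROOTS = {"fileserver"}
STATEMENTS: List[Statement] = [
    ("fileserver", ("may", "alice", "read", "/reports/q4.txt")),
    ("alice", ("speaks_for", "bob", "alice")),               # alice hands off to bob
    ("bob", ("speaks_for", "carol", "alice")),               # bob, speaking for alice, delegates to carol
    ("eve", ("speaks_for", "eve", "alice")),                 # self-asserted: rejected
    ("eve", ("may", "eve", "read", "/reports/q4.txt")),      # eve is not a root: rejected
]

if __name__ == "__main__":
    for who in ("carol", "bob", "eve"):
        print(who, authorized(who, "read", "/reports/q4.txt", STATEMENTS, ROOTS))
```

The server never needs to know "carol" in advance: it only needs the delegation chain back to a principal named in its own policy. The two rejected statements show the checks a server must make before accepting a credential from an unknown party, namely that a delegation is issued by the principal whose authority it hands off, and that grants come only from the server's policy roots.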

