COLLABORATIVE DOCUMENT SYSTEM BASED ON GROUP AND ROLE MANAGEMENT
L. Rusu, M. Podean, L. Muresan, R. Arba
Babes Bolyai University of Cluj-Napoca (ROMANIA)
1. Introduction
In Role-Based Access Control (RBAC), access decisions are based on an individual's roles and responsibilities within the organization or user base. RBAC in information and communication technology (ICT) requires user authentication and authorization data to reside locally in the system's users database. Organizations use complicated data synchronization mechanisms to export their users' data to such a system (Andress, 2001; Ferraiolo et al., 2003). Computer-based access controls can prescribe who or what process may have access to a specific system resource, as well as the type of access that is permitted (Ferraiolo & Kuhn, 1995; Barkley, 1999). Workflow management systems (WMS) allow the automation of processes within an organization, enabling greater coordination and control among geographically distributed teams (Nallaparaju et al., 2005). Using WMS, the organization can integrate different software technologies, leading to the improvement of collaborative activities (Aversano et al., 2001). This technology still consumes a great deal of the authors' time.
This paper reports a case study implementing an approach to collaboratively creating scientific papers. Our prototype security framework uses group and role functionality for sharing protected knowledge management and particular Web resources among independent organizations. Dante is a web-based system designed upon the model-view-controller design pattern, which stores all data in XML files.
2. Role and Group Management
Collaboration between two organizations is based on an agreement to use the name of the group in the user-group and group-role relations. In this case the group name is a bridge for the inter-organization authorization mechanism. All users and groups are named using the domain name and sub-domain name of their organization. The organization providing services determines which domains can share its resources by giving a proper role membership to a group from another domain. The core of user-group management in an organization is a centralized account identity database against which users belonging to that organization authenticate themselves. The management system must also provide a centralized database for the group membership of users, and this database can be queried at any time by service providers. A service provider in another organization manages roles and resources in a centralized permissions database by defining and using operations-resources action matrices.
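The group-name bridge described above can be sketched as follows. This is an added example, not code from the Dante prototype; the `name@domain` naming form, the domains, group names, roles and resources are all constructed assumptions.

```python
# Added illustration; every name and value below is constructed sample data.

# Home-organization side: centralized group membership database, one per
# domain, which service providers may query. Names are domain-qualified.
MEMBERSHIP = {
    "cs.univ-a.example": {
        "alice@cs.univ-a.example": {"authors@cs.univ-a.example"},
        "bob@cs.univ-a.example": {"reviewers@cs.univ-a.example"},
    },
    "lab.company-b.example": {
        "carol@lab.company-b.example": {"authors@lab.company-b.example"},
    },
}

# Service-provider side: group-role relation. Granting a role to a group
# from another domain is what lets that domain share the resources.
GROUP_ROLES = {
    "authors@cs.univ-a.example": {"editor"},
    "reviewers@cs.univ-a.example": {"reader"},
}

# Service-provider side: operations-resources action matrix per role.
ROLE_MATRIX = {
    "editor": {("read", "paper.xml"), ("write", "paper.xml")},
    "reader": {("read", "paper.xml")},
}


def groups_of(user):
    """Query the membership database of the user's own domain."""
    domain = user.rpartition("@")[2]
    return MEMBERSHIP.get(domain, {}).get(user, set())


def roles_of(user):
    """Map the user's groups to roles through the agreed group names."""
    roles = set()
    for group in groups_of(user):
        roles |= GROUP_ROLES.get(group, set())
    return roles


def is_allowed(user, operation, resource):
    """Deny by default: allow only if some role's matrix lists the pair."""
    return any((operation, resource) in ROLE_MATRIX.get(role, set())
               for role in roles_of(user))
```

Because group names carry the domain, `authors@lab.company-b.example` receives no role from the grant made to `authors@cs.univ-a.example`, even though the short name is the same.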
3. Document management model based on RBAC
For our goal, research management, users are arranged into groups and roles at the very beginning of the project; automatically granting or denying permissions to many users at once reduces errors and reduces the cost of administration. This model can be applied across organizations (universities and companies) that are based on independent collaborative administration and a group structure, because it provides a high level of flexibility and usability. Also, with such a model in place, another model may be used to monitor and audit every step and schedule during the research program and to improve cooperation between users from different groups. Dante is a web-based system designed upon the model-view-controller design pattern, which stores all data in XML files. This approach allows great flexibility in handling documents and user interaction.