Collaborative trust evaluation for wiki security

Publication: Research - peer-reviewArticle in proceedings – Annual report year: 2012

Standard

Collaborative trust evaluation for wiki security. / Lindberg, Kasper; Jensen, Christian D.

2012 Tenth Annual International Conference on Privacy, Security and Trust (PST). IEEE, 2012. p. 176-184.

Publication: Research - peer-reviewArticle in proceedings – Annual report year: 2012

Harvard

Lindberg, K & Jensen, CD 2012, 'Collaborative trust evaluation for wiki security'. in 2012 Tenth Annual International Conference on Privacy, Security and Trust (PST). IEEE, pp. 176-184., 10.1109/PST.2012.6297938

APA

Lindberg, K., & Jensen, C. D. (2012). Collaborative trust evaluation for wiki security. In 2012 Tenth Annual International Conference on Privacy, Security and Trust (PST). (pp. 176-184). IEEE. 10.1109/PST.2012.6297938

CBE

Lindberg K, Jensen CD. 2012. Collaborative trust evaluation for wiki security. In 2012 Tenth Annual International Conference on Privacy, Security and Trust (PST). IEEE. pp. 176-184. Available from: 10.1109/PST.2012.6297938

MLA

Lindberg, Kasper and Christian D. Jensen "Collaborative trust evaluation for wiki security". 2012 Tenth Annual International Conference on Privacy, Security and Trust (PST). IEEE. 2012. 176-184. Available: 10.1109/PST.2012.6297938

Vancouver

Lindberg K, Jensen CD. Collaborative trust evaluation for wiki security. In 2012 Tenth Annual International Conference on Privacy, Security and Trust (PST). IEEE. 2012. p. 176-184. Available from: 10.1109/PST.2012.6297938

Author

Lindberg, Kasper; Jensen, Christian D. / Collaborative trust evaluation for wiki security.

2012 Tenth Annual International Conference on Privacy, Security and Trust (PST). IEEE, 2012. p. 176-184.

Publication: Research - peer-reviewArticle in proceedings – Annual report year: 2012

Bibtex

@inbook{2c547a3721854582b3c5872be820975b,
title = "Collaborative trust evaluation for wiki security",
publisher = "IEEE",
author = "Kasper Lindberg and Jensen, {Christian D.}",
year = "2012",
doi = "10.1109/PST.2012.6297938",
pages = "176-184",
booktitle = "2012 Tenth Annual International Conference on Privacy, Security and Trust (PST)",

}

RIS

TY - GEN

T1 - Collaborative trust evaluation for wiki security

A1 - Lindberg,Kasper

A1 - Jensen,Christian D.

AU - Lindberg,Kasper

AU - Jensen,Christian D.

PB - IEEE

PY - 2012

Y1 - 2012

N2 - Wiki systems form a subclass of the more general Open Collaborative Authoring Systems, where content is created and maintained by a user community. The ability of anyone to edit the content is, at the same time, their strength and their weakness. Anyone can write documents that improve the value of the wiki-system, but at the same time, anyone can also introduce errors into these documents, by accident or on purpose. A security model for wiki-style authoring systems has previously been proposed. This model is based on both static and dynamic document access controls that enforce a simple integrity based security policy. In this paper, we present a new policy for the existing wiki security model, which provides a higher degree of parameterization and adaptability. The new policy is analyzed and compared to the original policy. Our evaluation shows that this new policy provides stronger security when the number of malicious and colluding users is low, but it has a clearly defined level of tolerance in terms of the amount of work required by an attacker to achieve a given probability of violating the policy. Efforts beyond that level, can allow such users to take control of the system, but this is true for all soft security systems. We show that the system parameters can be tuned so that the amount of work required by malicious and colluding users to reach this level is well beyond most attackers' capabilities.

AB - Wiki systems form a subclass of the more general Open Collaborative Authoring Systems, where content is created and maintained by a user community. The ability of anyone to edit the content is, at the same time, their strength and their weakness. Anyone can write documents that improve the value of the wiki-system, but at the same time, anyone can also introduce errors into these documents, by accident or on purpose. A security model for wiki-style authoring systems has previously been proposed. This model is based on both static and dynamic document access controls that enforce a simple integrity based security policy. In this paper, we present a new policy for the existing wiki security model, which provides a higher degree of parameterization and adaptability. The new policy is analyzed and compared to the original policy. Our evaluation shows that this new policy provides stronger security when the number of malicious and colluding users is low, but it has a clearly defined level of tolerance in terms of the amount of work required by an attacker to achieve a given probability of violating the policy. Efforts beyond that level, can allow such users to take control of the system, but this is true for all soft security systems. We show that the system parameters can be tuned so that the amount of work required by malicious and colluding users to reach this level is well beyond most attackers' capabilities.

U2 - 10.1109/PST.2012.6297938

DO - 10.1109/PST.2012.6297938

BT - 2012 Tenth Annual International Conference on Privacy, Security and Trust (PST)

T2 - 2012 Tenth Annual International Conference on Privacy, Security and Trust (PST)

SP - 176

EP - 184

ER -