TY - GEN
T1 - COLBAC
T2 - 12th New Security Paradigms Workshop, NSPW 2021
AU - Gallagher, Kevin
AU - Torres-Arias, Santiago
AU - Memon, Nasir
AU - Feldman, Jessica
N1 - Publisher Copyright:
© 2021 Owner/Author.
PY - 2021/10/25
Y1 - 2021/10/25
N2 - Cybersecurity suffers from an oversaturation of centralized, hierarchical systems and a lack of exploration in the area of horizontal security, or security techniques and technologies which utilize democratic participation for security decision-making. Because of this, many horizontally governed organizations such as activist groups, worker cooperatives, trade unions, not-for-profit associations, and others are not represented in current cybersecurity solutions, and are forced to adopt hierarchical solutions to cybersecurity problems. This causes power dynamic mismatches that lead to cybersecurity and organizational operations failures. In this work we introduce COLBAC, a collective based access control system aimed at addressing this lack. COLBAC uses democratically authorized capability tokens to express access control policies. It allows for a flexible and dynamic degree of horizontality to meet the needs of different horizontally governed organizations. After introducing COLBAC, we finish with a discussion on future work needed to realize more horizontal security techniques, tools, and technologies.
KW - access control
KW - activism
KW - authorization
KW - democracy
KW - distributed systems
KW - horizontality
KW - participation
KW - participatory design
KW - security
UR - http://www.scopus.com/inward/record.url?scp=85124409473&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85124409473&partnerID=8YFLogxK
U2 - 10.1145/3498891.3498903
DO - 10.1145/3498891.3498903
M3 - Conference contribution
AN - SCOPUS:85124409473
T3 - ACM International Conference Proceeding Series
SP - 13
EP - 27
BT - New Security Paradigms Workshop, NSPW 2021
PB - Association for Computing Machinery
Y2 - 26 October 2021 through 28 October 2021
ER -