Security for ICT collaboration tools
article
In order for collaboration tools to be productive in an operational setting, an information base that is shared across the collaborating parties is needed. Therefore, a lot of research is
done for tooling to create such a common information base in a collaboration tool. However, security is often not given a lot of attention. In this paper we argue that security is a necessary part
of collaboration systems. We identified and categorized security issues in a collaboration system, MiReCol, and recognized a new group of security issues that apply to collaboration tooling in
general. Those new issues are related to the fact that several different authorized users are using the collaboration tool together. In those situations, the threat exists that an
unauthorized user can view confidential data. We have researched possible countermeasures against these new threats. Some possible countermeasures are already being researched, and are mentioned in
this paper. One of them, ‘labeling and release’ has been worked out in more detail, to research what theconsequences are of this countermeasure.
We conclude that security is a necessary part of an ICT collaboration tool, and depending on the case, security countermeasures have to be implemented. Most security issues
can be handled with existing techniques. However, to protect confidentiality in a multi-user environment, extra techniques have to be developed.
done for tooling to create such a common information base in a collaboration tool. However, security is often not given a lot of attention. In this paper we argue that security is a necessary part
of collaboration systems. We identified and categorized security issues in a collaboration system, MiReCol, and recognized a new group of security issues that apply to collaboration tooling in
general. Those new issues are related to the fact that several different authorized users are using the collaboration tool together. In those situations, the threat exists that an
unauthorized user can view confidential data. We have researched possible countermeasures against these new threats. Some possible countermeasures are already being researched, and are mentioned in
this paper. One of them, ‘labeling and release’ has been worked out in more detail, to research what theconsequences are of this countermeasure.
We conclude that security is a necessary part of an ICT collaboration tool, and depending on the case, security countermeasures have to be implemented. Most security issues
can be handled with existing techniques. However, to protect confidentiality in a multi-user environment, extra techniques have to be developed.
TNO Identifier
461952
Source
Journal of Information Assurance and Security, 6(5), pp. 415-423.
Pages
415-423
Files
To receive the publication files, please send an e-mail request to TNO Repository.