Uncle-Share: Annotation-Based Access Control for Cooperative and Social Systems Peyman Nasirifard and Vassilios Peristeras Digital Enterprise Research Institute National University of Ireland, Galway IDA Business Park, Lower Dangan, Galway, Ireland firstname.lastname@deri.org Abstract. Shared workspaces and Web 2.0 platforms provide lots of services for sharing various objects. Most current shared workspaces and Web 2.0 platforms provide role-based, coarse-grained access control poli- cies which undermine the utility of them in some cases. In this paper, we present Annotation-Based Access Control, an approach towards access control which benefits from user annotations to annotate people using various fixed and desired open vocabulary (tags) and helps to build a more flexible access control mechanism based on relationships among dif- ferent types of users. We also present a prototype, a gadget called Uncle- Share, which we have developed to enable this access control mechanism and evaluate it. Key words: Access Control, Shared Workspace, Annotation, Social Network, Web 2.0 1 Introduction Web 2.0 platforms and shared workspaces (e.g. BSCW, Microsoft SharePoint) provide necessary tools and infrastructure for sharing various items. In a shared workspace or social platform, where the people collaborate together and share resources, there should definitely exist some kind of embedded access control mechanisms in order to restrict unauthorized accesses to various resources. In brief, Access Control defines who can access what data [15]. We have analyzed the embedded access control mechanisms within some shared workspaces and Web 2.0 platforms. We signed up to some platforms, up- loaded/added some resources (e.g. documents, photos, bookmarks), added some contacts as friends and tried to share our resources with some of our contacts. We noticed that the embedded access control mechanisms were not flexible enough to enable us to share our resources with desired contacts within specific context. For instance, we could not share a specific project-related bookmark with only people that are working on that project. To overcome this situation, we had to send emails to share the bookmark with them. Most current shared workspaces and Web 2.0 platforms provide coarse-grained access control policies which un- dermine the utility of them in some cases.