Chapter 4 Roles Setting with Role-Based Access Control Model
4.3 Anonymity Control Based On RBAC Model
4.3.1 Anonymity in a Paper Review Process
In the process of paper submission, to take fairness into account, anonymous reviewing mechanism is emphasized in some conference/journal. No matter the chief editor or reviewer an end-user is, there is no influence about the judge result by the author’s identity. The previously research [3] also shows that anonymous Reviewing helps fairness of paper review, and the openly stated criticism might have some influences upon the reviewers’ careers. So the anonymity issue should be taken into account.
Although the anonymity reviewing is important, different research group may have different levels of anonymity requirement. For example: Conference A claims that reviewer is anonymous with author. Event the reviewer’s comment about the manuscript is not opened to author; however, conference B claims that reviewer is anonymous with author, but the reviewer’s comment about the manuscript is accessible by author. For the different anonymity control, we have to propose a management approach.
Before propose the anonymity control management approach, we can
23
summarize the section need to keep anonymous in the paper review process based on Figure 4.1. They are follows (the role pair (AB) in each section stands for that
“Should Role A’s identity be known by Role B?”):
a. Paper submission (AuthorEditor): When submitting paper, it may have an influence on editor about the decision making when dispatching paper. That is, dispatching the paper to the reviewer who review paper loosely, to rise up the accept rate of this paper; or when judging the paper, the judge result may be influenced by the editor’s preference for the author.
b. Paper dispatching (ReviewerEditor): Editor should dispatch the submitted paper based on the correlation between the content of paper a nd reviewer’s research domain. It seems like that there is no need to keep anonymous between reviewer and editor in this section. However a research [3] showed that because the editor knows the relationship between the reviewers and their comments on a paper. She/he is able to convince the author that someone has reviewed the paper. And that may cause the privacy leakage problem. Therefore, we assume that there is a conference/journal would like to keep the anonymity in the paper dispatching section.
c. Responding the paper reviewing job (AuthorReviewer): When reviewer receiving the commission of reviewing paper, he/she should decide review this paper or not based on the content of the paper and the workload on herself/ himself.
However, if review knows the author’s identity, reviewer may take the relation between her/him and the author in consideration of review this paper or not. For example: if the author used to be an advisor of the reviewer, the reviewer may refuse this reviewing job because she/he doesn’t like to offend on the author.
d. Reviewing paper(AuthorReviewer): Same as c., When reviewer accepted the review job assignment, the reviewer’s comment may be influenced by the relation between her/him and the author.
e. Judged Paper(ReviewerAuthor): After the author receiving the paper judge result, editor will have appropriate feedback on the paper. Moreover, reviewer may have some feedback, too. Since an editor always stands for the conference/journal, there is no need to maintain the anonymity between editor and author. However, if there is no anonymity between reviewer and author, it may have negative influence between them if the reviewer has a negative rating about the paper.
We have summarized the sections which need to care the anonymity in the paper review process. For different research groups, they may have different anonymity setting on his conference/journal paper review process. They may think that not all
24
sections stated before should be kept anonymous. In consequence, we proposed a management approach, which extended from RBAC model introduced in Chapter 4.2.
Because that we found that based on RBAC model, the anonymity setting can be managed conveniently.
4.3.2 Using RBAC Model to Control the Anonymity
This thesis used the RBAC model to manage the anonymity of the whole paper submit/review process. At first, we let system manager define the anonymity between roles when she/he is defining the role frames. After defining the anonymity between roles, system can generate a 2-dimension anonymity setting matrix like Table 4.1. The Matrix [i][j] stands for the useri is anonymous with userj or not. For example: Matrix [1][2] is Anonymous. It stands for the user information of Author should be hidden with Editor.
Table 4.1: Anonymity Setting Matrix
Author Editor Reviewer Administrator
Author Public Anonymous Anonymous Public
Editor Public Public Public Public
Reviewer Public Public Anonymous Public
Administrator Public Public Public Public
We can notice that the anonymity setting matrix in Table 4.1 is not a symmetric matrix because that the anonymity relation is not an equivalence relation, author is anonymous with editor doesn’t stand for that editor should keep anonymous with author.
After generating the anonymity setting matrix, we should let system manager define the “Public Part” and “Private Part” in the section that need the anonymity control (summarize in Chapter 4.3.1). For example, some information should be hidden when paper submission. System manager should declare what’s the private information and what’s public information. After the declaration, the preparation of anonymity control based on RBAC is done. When end-user submitting paper, in the process of the interaction with other user, the system may decide to show the private information or not based on the both end users’ role relation in the anonymity setting matrix. In Figure 4.3(a), Role 1 is anonymous with another Role 1, If User A becomes Role 1, and has some interactive with User C, who is another Role 1. User A should be anonymous with User C, so the private information should be hidden from User C.
However, in Figure 4.3(b), Role 2 is public with Role 1. When User A becomes Role 2,
25
and have some interactive with User C, who is Role 1, User A should not be anonymous with User C, so the private information should be accessed by User C.
Figure 4.3(a): The anonymous setting between Role 1 and another Role 1
Figure 4.3(b): The anonymous setting between Role 2 and Role 1
From Figure 4.3(a) and Figure 4.3(b), we can notice that even if the interaction between the same user pair, under the RBAC model, if the role of user is different, it may cause different anonymity control result, and that is just one of the characteristic of RBAC.
26