• DocumentCode
    1546803
  • Title

    ACTkit: A Framework for the Definition and Enforcement of Role, Content and Context-based Access Control Policies

  • Author

    Betarte, Gustavo ; Gatto, Alberto ; Martinez, Ricardo ; Zipitria, F.

  • Author_Institution
    Inst. de Comput., Univ. de la Republica, Montevideo, Uruguay
  • Volume
    10
  • Issue
    3
  • fYear
    2012
  • fDate
    4/1/2012 12:00:00 AM
  • Firstpage
    1742
  • Lastpage
    1751
  • Abstract
    This work describes a framework, called ACTkit, for the definition and enforcement of dynamic access control policies on (multi-tiered) information systems. ACTkit embodies a language for defining security policies built out of role-, context- and content-based access control rules and an access control module responsible for the policy enforcement. A model, which has been defined as an extension of Hierarchical RBAC to provide a precise semantics for the security policies, is also presented and discussed.
  • Keywords
    authorisation; information systems; ACTkit; content-based access control; context-based access control; dynamic access control policy; hierarchical RBAC; information system; policy enforcement; role-based access control; security policy; Access control; Application programming interfaces; Context; Context modeling; Java; Visualization; Application Security; Authorization; Context-based and Content-based Access Control; RBAC;
  • fLanguage
    English
  • Journal_Title
    Latin America Transactions, IEEE (Revista IEEE America Latina)
  • Publisher
    ieee
  • ISSN
    1548-0992
  • Type

    jour

  • DOI
    10.1109/TLA.2012.6222580
  • Filename
    6222580
    • Link To Document
    https://search.isc.ac/dl/search/defaultta.aspx?DTC=49&DC=1546803