مرکز منطقه ای اطلاع رساني علوم و فناوري - Specification & Enforcement of Access Control in Information & Communication Systems

DocumentCode :

1582660

Title :

Specification & Enforcement of Access Control in Information & Communication Systems

Author :

El Kalam, Anas Abou

Author_Institution :

IRIT, Univ. de Toulouse, Toulouse

fYear :

2008

Firstpage :

Lastpage :

Abstract :

While OrBAC (organization-based access control) become largely used (thanks to its clarity and simplicity), there is no work that compares its complexity with existing models. This paper demonstrates that OrBAC greatly reduces the cost of administering access control policies as well as making this process less error-prone. Moreover, while OrBAC is well- adapted to centralized systems, this work integrate a novel collaboration process to OrBAC. Finally, we present a J2EE implementation of a multithread XACML-based profiles for OrBAC.

Keywords :

Java; authorisation; J2EE; communication system; information system; organization-based access control; Access control; Collaborative work; Communication system security; Concrete; Costs; Data security; Error correction; Information security; Permission; Risk management; Access control; Information & data security; J2EE; XACML; security policies and models;

fLanguage :

English

Publisher :

ieee

Conference_Titel :

Information and Communication Technologies: From Theory to Applications, 2008. ICTTA 2008. 3rd International Conference on

Conference_Location :

Damascus

Print_ISBN :

978-1-4244-1751-3

Electronic_ISBN :

978-1-4244-1752-0

Type :

conf

DOI :

10.1109/ICTTA.2008.4530282

Filename :

4530282

Link To Document :

https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=1582660