Title :
A policy-based access control mechanism for the corporate Web
Author :
Ungureanu, Victoria ; Vesuma, F. ; Minsky, Naftaly H.
Author_Institution :
MSIS Dept., Rutgers Univ., Newark, NJ, USA
Abstract :
Current Web technologies use access control lists (ACLs) for enforcing regulations and practices governing businesses today. Having the policy hard-coded into ACLs causes management and security problems which have sofar prevented intranets from achieving their full potential. This paper is about a concrete design of a mechanism that supports policies for regulating access to information via corporate intranet. This mechanism makes a strict separation between the formal statement of a policy, and its enforcement, the latter being carried out by generic policy engines. The proposed mechanism is easy to deploy, requiring no modifications of current Web servers. We provide some preliminary performance results that show that the mechanism is quite affordable, even in its present, experimental stage
Keywords :
authorisation; business data processing; intranets; access control lists; corporate Web; corporate intranet; formal statement; intranets; management problems; policy engines; policy-based access control mechanism; security problems; Access control; Computer science; Computer security; Concrete; Information security; Technology management; Web pages; Web server; Web sites; World Wide Web;
Conference_Titel :
Computer Security Applications, 2000. ACSAC '00. 16th Annual Conference
Conference_Location :
New Orleans, LA
Print_ISBN :
0-7695-0859-6
DOI :
10.1109/ACSAC.2000.898868
