  • DocumentCode
    2187407
  • Title
    Role based reengineering of Web applications
  • Author
    De Lucia, Andrea ; Giordano, Massimiliano ; Polese, Giuseppe ; Scanniello, Giuseppe ; Tortora, Genoveffa
  • Author_Institution
    Dipt. di Matematica e Inf., Salerno Univ., Italy
  • fYear
    2005
  • fDate
    26 Sept. 2005
  • Firstpage
    103
  • Lastpage
    110
  • Abstract
    We present an approach based on roles and access policies to improve security management of Web applications. The approach first identifies the roles users have in the application, and then the software resources they can access based on the assigned role. Roles and resources are then used to design access policies by means of a visual language based tool providing a metaphor-oriented layer above the well-known role based access control (RBAC) model. A network infrastructure based on a policy enforcement point (PEP) and a policy decision point (PDP) is used to enforce these policies. The proposed approach has been used in a preliminary case study.
  • Keywords
    Internet; authorisation; systems re-engineering; visual languages; Web applications; access policies; metaphor-oriented layer; policy decision point; policy enforcement point; role based access control; role based reengineering; security management; visual language based tool; Access control; Application software; Computer architecture; Context modeling; Databases; Hardware; Power system management; Resource management; Security; Software tools
  • fLanguage
    English
  • Publisher
    IEEE
  • Conference_Titel
    Web Site Evolution, 2005. (WSE 2005). Seventh IEEE International Symposium on
  • ISSN
    1550-4441
  • Print_ISBN
    0-7695-2470-2
  • Type
    conf
  • DOI
    10.1109/WSE.2005.12
  • Filename
    1517987