Enforcing Role-Based Access Controls in Software Systems with an Agent Based Service Oriented Approach

Author

Chen, Feng ; Li, Shaoyun ; Yang, Hongji

Author_Institution

De Montfort Univ., Leicester

fYear

2007

fDate

15-17 April 2007

Firstpage

483

Lastpage

488

Abstract

Access control is often used to make restrictions to the resources in a system so that these resources can only be accessed by those who have the corresponding privilege. Role-based access controls (RBAC) model introduces roles into access control so that the privilege is assigned to role and access control can be managed easily by defining the role of the users and inheritance structure of the roles. Although the RBAC model has been well accepted, it turns out to have some problems in applying RBAC to an existing system: an existing system is generally not organised in roles; it is very hard to add the access control functions to each module of an existing system. In this paper, an agent-based service oriented approach that helps existing systems be migrated to RBAC for software evolution is proposed. The architecture and working flow of the approach are presented and an example showing how to use the proposed framework and methodology is illustrated.

Keywords

authorisation; multi-agent systems; agent based service oriented approach; multi-agent system; role-based access controls; software evolution; software systems; Access control; Communication system security; Computer security; Control systems; Data security; Information technology; Laboratories; Privacy; Software systems; Technological innovation; Legacy System; Multi-Agent System (MAS); Re-engineering; Role-Based Access Control (RBAC); Service Oriented Computing (SOC);

fLanguage

English

Publisher

ieee

Conference_Titel

Networking, Sensing and Control, 2007 IEEE International Conference on

Conference_Location

London

Print_ISBN

1-4244-1076-2

Electronic_ISBN

1-4244-1076-2

Type

conf

DOI

10.1109/ICNSC.2007.372826

Filename

4239039