Title :
Intergrating role-based access control model with web server
Author :
Li, Celia ; Yang, Cungang ; Qin, Ling ; Yang, Yiguang
Author_Institution :
Dept. of Electr. & Comput. Eng., Ryerson Univ., Toronto, ON, Canada
Abstract :
There is a growing threat of illegal computer access to Web-based application and security measures are now being implemented for applications that incorporate security logic in addition to business logic. This paper introduces a framework for Web security, which protects against illegal computer access to resources by granting different layers of privileges to different user roles. The role-based access control (RBAC) features are analyzed and implemented in the most recent versions of Java Application server and PointBase DB Server. RBAC features are categorized under three broad areas: user role assignment, supporting tolr relationships and credentials, and assignable privileges. These features provide a sound basis for implementing the basic features of RBAC.
Keywords :
Internet; Java; authorisation; Java Application server; PointBase DB Server; RBAC; Web server; illegal computer access; role-based access control model; user role assignment; Access control; Application software; Authorization; Books; Computer security; Internet; Java; Logic; Public key; Web server;
Conference_Titel :
Applications of Digital Information and Web Technologies, 2009. ICADIWT '09. Second International Conference on the
Conference_Location :
London
Print_ISBN :
978-1-4244-4456-4
Electronic_ISBN :
978-1-4244-4457-1
DOI :
10.1109/ICADIWT.2009.5273955
