Flexible team-based access control using contexts

Georgiadis, Christos K.; Mavridis, Ioannis; Pangalos, George; Thomas, Roshan K.

doi:10.1145/373256.373259

Cited by 171 publications

(98 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…The authorization engine supports context-based permission activation [23]. Context information (like location and time) allows one to express a variety of authorization constraints that can further tighten the permission activation.…”

Section: Context Constraintsmentioning

confidence: 99%

Enforcing Role-Based Access Control Policies in Web Services with UML and OCL

Sohr

Mustafa

Bao

et al. 2008

2008 Annual Computer Security Applications Conference (ACSAC)

View full text Add to dashboard Cite

Role-based access control (RBAC) is a powerful means for laying out and developing higher-level organizational policies such as separation of duty, and for simplifying the security management process. One of the important aspects of RBAC is authorization constraints that express such organizational policies. While RBAC has generated a great interest in the security community, organizations still seek a flexible and effective approach to impose role-based authorization constraints in their security-critical applications. In this paper, we present a Web Services-based authorization framework that can be employed to enforce organization-wide authorization constraints. We describe a generic authorization engine, which supports organization-wide authorization constraints and acts as a central policy decision point within the authorization framework. This authorization engine is implemented by means of the USE system, a validation tool for UML models and OCL constraints. Using this system, we also demonstrate how the authorization constraints can be specified in OCL and then be implemented by USE.

show abstract

Section: Context Constraintsmentioning

confidence: 99%

Enforcing Role-Based Access Control Policies in Web Services with UML and OCL

Sohr

Mustafa

Bao

et al. 2008

2008 Annual Computer Security Applications Conference (ACSAC)

View full text Add to dashboard Cite

show abstract

“…Access can be permitted based on environmental factors, such as location or time of day. Georgiadis et al [9] combine contextual information with team based access control. Team based roles identified by Thomas [17] are useful for collaborative working environments, where users are assigned to teams and get access to the team's resources.…”

Section: Access Policiesmentioning

confidence: 99%

“…As with roles based on functions, there is the potential for a hierarchy similar to the aggregation of activities. In Section 2.2 the concept of roles based on contextual information was reviewed [9], which has certain similarities; location is an example of this.…”

Section: Roles Based On Marketmentioning

confidence: 99%

Modelling access policies using roles in requirements engineering

Crook

Ince

Nuseibeh

2003

Information and Software Technology

View full text Add to dashboard Cite

Pressures are increasing on organisations to take an early and more systematic approach to security. A key to enforcing security is to restrict access to valuable assets. We regard access policies as security requirements that specify such restrictions. Current requirements engineering methods are generally inadequate for eliciting and analysing these types of requirements, because they do not allow complex organisational structures and procedures that underlie policies to be represented adequately. This paper discusses roles and why they are important in the analysis of security. The paper relates roles to organisational theory and how they could be employed to define access policies. A framework is presented, based on these concepts, for analysing access policies. q

show abstract

“…The framework makes use of RBAC (Role-Based Access Control). Users are affected to roles based on their credentials and competencies [13]. Role-based access is more suitable for pervasive environments since it simplifies the administration of permissions; updating roles is easier then updating permissions for every user individually [14] [15].…”

Section: Context-based Authorizations Tuningmentioning

confidence: 99%

A Generic Framework for Context-Based Distributed Authorizations

Mostefaoui¹,

Brézillon²

Modeling and Using Context

View full text Add to dashboard Cite

Abstract. In conventional security systems, protected resources such as documents, hardware devices and software applications follow an On/Off access policy. On, allows to grant access and off for denying access. This access policy is principally based on the user's identity and is static over time. As applications become more pervasive, security policies must become more flexible in order to respond to these highly dynamic computing environments. That is, security infrastructures will need to be sensitive to context. In order to meet these requirements, we propose a conceptual model for context-based authorizations tuning. This model offers a fine-grained control over access on protected resources, based on a set of user's and environment state and information.

show abstract

Flexible team-based access control using contexts

Cited by 171 publications

References 4 publications

Enforcing Role-Based Access Control Policies in Web Services with UML and OCL

Enforcing Role-Based Access Control Policies in Web Services with UML and OCL

Modelling access policies using roles in requirements engineering

A Generic Framework for Context-Based Distributed Authorizations

Contact Info

Product

Resources

About