Title :
ACTkit: A Framework for the Definition and Enforcement of Role, Content and Context-based Access Control Policies
Author :
Betarte, Gustavo ; Gatto, Alberto ; Martinez, Ricardo ; Zipitria, F.
Author_Institution :
Inst. de Comput., Univ. de la Republica, Montevideo, Uruguay
fDate :
4/1/2012 12:00:00 AM
Abstract :
This work describes a framework, called ACTkit, for the definition and enforcement of dynamic access control policies on (multi-tiered) information systems. ACTkit embodies a language for defining security policies built out of role-, context- and content-based access control rules and an access control module responsible for the policy enforcement. A model, which has been defined as an extension of Hierarchical RBAC to provide a precise semantics for the security policies, is also presented and discussed.
Keywords :
authorisation; information systems; ACTkit; content-based access control; context-based access control; dynamic access control policy; hierarchical RBAC; information system; policy enforcement; role-based access control; security policy; Access control; Application programming interfaces; Context; Context modeling; Java; Visualization; Application Security; Authorization; Context-based and Content-based Access Control; RBAC;
Journal_Title :
Latin America Transactions, IEEE (Revista IEEE America Latina)
DOI :
10.1109/TLA.2012.6222580
