A model for content-dependent access control for Web-based services with role-based approach

Author

Wolf, Ruben ; Keinz, Thomas ; Schneider, Markus

Author_Institution

FhG Inst. for Secure Telecooperation (SIT), Darmstadt, Germany

fYear

2003

fDate

1-5 Sept. 2003

Firstpage

209

Lastpage

214

Abstract

Controlling access to resources is one of the most important protection goals for Web-based services in practice. In general, access control requires identification of subjects that intend to use resources. Today, there are several identification mechanisms for subjects, providing different security levels. However, some of them are only suitable to be used in specific environments. In this paper we consider access control to Web-based services that also depends on the strength of identification mechanisms as a context-dependent parameter. Furthermore, we show how to model this context-dependent access control by using role-based concepts.

Keywords

Internet; access control; authorisation; telecommunication security; RBAC; Web-based services; content-dependent access; context-dependent parameter; identification mechanisms; role-based access control; role-based concepts; security levels; subject identification; Access control; Access protocols; Centralized control; Context modeling; Context-aware services; Grid computing; Information security; Online Communities/Technical Collaboration; Protection; Telematics;

fLanguage

English

Publisher

ieee

Conference_Titel

Database and Expert Systems Applications, 2003. Proceedings. 14th International Workshop on

ISSN

1529-4188

Print_ISBN

0-7695-1993-8

Type

conf

DOI

10.1109/DEXA.2003.1232025

Filename

1232025