Tipo
Artículo de journal
Año
2012
ISSN
1548-0992
Páginas
1742
Número
3
Volúmen
10
Abstract
This work describes a framework, called {ACTkit}, for the definition and enforcement of dynamic access control policies on (multi-tiered) information systems. {ACTkit} embodies a language for defining security policies built out of role-, context- and content-based access control rules and an access control module responsible for the policy enforcement. A model, which has been defined as an extension of Hierarchical {RBAC} to provide a precise semantics for the security policies, is also presented and discussed.
Autores
Citekey
betarte_actkit:_2012
doi
10.1109/TLA.2012.6222580
Keywords
policy enforcement
{RBAC}
role-based access control
security policy
Access control
Visualization
{ACTkit}
Application programming interfaces
Application Security
authorisation
Authorization
content-based access control
Context
Context modeling
context-based access control
Context-based and Content-based Access Control
dynamic access control policy
hierarchical {RBAC}
information system
information systems
Java