{ACTkit:} A Framework for the Definition and Enforcement of Role, Content and Context-based Access Control Policies

Tipo

Artículo de journal

Año

2012

ISSN

1548-0992

Páginas

1742

Número

Volúmen

Abstract

This work describes a framework, called {ACTkit}, for the definition and enforcement of dynamic access control policies on (multi-tiered) information systems. {ACTkit} embodies a language for defining security policies built out of role-, context- and content-based access control rules and an access control module responsible for the policy enforcement. A model, which has been defined as an extension of Hierarchical {RBAC} to provide a precise semantics for the security policies, is also presented and discussed.

Autores

Gatto

Gustavo Betarte

Felipe Zipitria

Martinez

Citekey

betarte_actkit:_2012

doi

10.1109/TLA.2012.6222580

Keywords

policy enforcement

{RBAC}

role-based access control

security policy

Access control

Visualization

{ACTkit}

Application programming interfaces

Application Security

authorisation

Authorization

content-based access control

Context

Context modeling

context-based access control

Context-based and Content-based Access Control

dynamic access control policy

hierarchical {RBAC}

information system

information systems

Java