Referee: trust management for Web applications
World Wide Web Journal - Special issue: Web security: a matter of trust
Role-based access control on the web
ACM Transactions on Information and System Security (TISSEC)
PGP: Pretty Good Privacy
Deficiencies in LDAP when used to support PKI
Communications of the ACM
Decentralized trust management
SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
BPEL4RBAC: An Authorisation Specification for WS-BPEL
WISE '08 Proceedings of the 9th international conference on Web Information Systems Engineering
Weight-modeling of B2C system quality
Computer Standards & Interfaces
| Hi-index | 0.00 |
In this paper, an Object-Oriented Role-Based Access Control (ORBAC) model for e-commerce is introduced. Based on the model, an efficient method for managing ORBAC security policies using eXtensible Markup Language (XML) and a role assignment algorithm are presented. The proposed method using digital credentials and an XML-based security policy greatly simplifies security policy administration for e-commerce. Also, an implementation of e-commerce applications is described. Unlike most existing approaches, with our approach the authorisation is independently defined and is separated from implementation mechanisms.