Proceedings of the 2006 conference on Pattern languages of programs
The concept of a session, the context under which a user accesses resources, is very important when applying access control. We first present the Controlled Access Session pattern, which describes how sessions can limit the rights of a user. We then combine this pattern with two existing access control patterns. First, we consider a pattern for Session-Based Role-Based Access Control, intended for organizations in which job functions form the basis for privilege assignments. Then we present a Session-Based Attribute-Based Access Control pattern for organizations in which accesses are controlled based on the values of user attributes and object properties. Since the general properties of those patterns have been described earlier, we emphasize the additional effect of using sessions. The Controlled Access Session pattern can also be combined with other models of access control or used on its own.