Role-Based Access Control Models
Computer
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Controlling access in multiuser interfaces
ACM Transactions on Computer-Human Interaction (TOCHI)
Proceedings of the IFIP TC11 WG11.3 Eleventh International Conference on Database Securty XI: Status and Prospects
Constraint specification for object model of access control based on role
ACM SIGSOFT Software Engineering Notes
Hi-index | 0.01 |
At present, majority access control models mainly deal with data-protection at the back-end of applications. However, they are not applicable for large and complex multi-user applications. Though Object Technology has turned into one of the mainstream approaches for large and complex applications development, it still lacks a general model of application-level access control. While the existing models of role-based access control could simplify privilege management, they neglect the dynamic features of activated roles. This paper proposes an object-oriented model in Unified Modeling Language supporting application-level access control based on users' roles. In the model, an interface type is provided containing a set of operations as user services, which are authorized to users via their roles. To represent the activated roles, Role-Playing is introduced, and it is modeled as an active class. Every object of Role-Playing runs in particular context, which restrict users' rights dynamically and control users' interaction actively. The model is suitable for multi-user interactive computing and distributed information-processing systems.