Role-Based Access Control Models
Computer
Support for workflows in a ministerial environment
CSCW '96 Proceedings of the 1996 ACM conference on Computer supported cooperative work
Constraints for role-based access control
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
An Oracle implementation of the PRA97 model for permission-role assignment
RBAC '98 Proceedings of the third ACM workshop on Role-based access control
The specification and enforcement of authorization constraints in workflow management systems
ACM Transactions on Information and System Security (TISSEC) - Special issue on role-based access control
Proceedings of the First International Conference on Electronic Government
EGOV '02 Proceedings of the First International Conference on Electronic Government
Separation of Duty in Role-based Environments
CSFW '97 Proceedings of the 10th IEEE workshop on Computer Security Foundations
Meta-Policies for Distributed Role-Based Access Control Systems
POLICY '02 Proceedings of the 3rd International Workshop on Policies for Distributed Systems and Networks (POLICY'02)
Proceedings of the 2004 ACM symposium on Applied computing
XacT: a bridge between resource management and access control in multi-layered applications
SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications
Enforcing security properties in task-based systems
Proceedings of the 13th ACM symposium on Access control models and technologies
Role inheritance with object-based DSD
International Journal of Internet Technology and Secured Transactions
Idea: efficient evaluation of access control constraints
ESSoS'10 Proceedings of the Second international conference on Engineering Secure Software and Systems
| Hi-index | 0.00 |
Over the last few years rapid progress has been made in moving from conceptual studies, "whitepapers" and initiatives to the actual deployment of e-Government systems [13]. In this paper we present the case study of an existing e-Government system (eLaw) which already supports key legislative processes in the country of Austria1. The study has been performed in the context of the EU FP6 project "eJustice".We present a detailed system and workflow representation referring to the example process of changing a federal law in Austria. Since such processes and their results, i.e. the laws of a country, have an enormous impact on society, they need to be secured against external and internal alteration, be it inadvertent or malicious. This is even more important in the electronic world.Instead of discussing the obvious security requirements like virus protection or network-level access control, our focus is on an often neglected form of organisational security and control properties called separation of duties. We will analyse and discuss a set of these in terms of the described eLaw process.