Role Based Reengineering of Web Applications

Authors:
Andrea De Lucia;Massimiliano Giordano;Giuseppe Polese;Giuseppe Scanniello;Genoveffa Tortora
Affiliations:
Dipartimento di Matematica e Informatica - Università di Salerno (SA) Italy;Dipartimento di Matematica e Informatica - Università di Salerno (SA) Italy;Dipartimento di Matematica e Informatica - Università di Salerno (SA) Italy;Dipartimento di Matematica e Informatica - Università di Salerno (SA) Italy;Dipartimento di Matematica e Informatica - Università di Salerno (SA) Italy
Venue:
WSE '05 Proceedings of the Seventh IEEE International Symposium on Web Site Evolution
Year:
2005

Citing 0
Cited 2

Improving the Usability of E-Commerce Applications using Business Processes

IEEE Transactions on Software Engineering
Feasibility study of software reengineering towards role-based access control

International Journal of Computer Applications in Technology

Quantified Score

Hi-index	0.00

Visualization

Abstract

We present an approach based on roles and access policies to improve security management of Web Applications. The approach first identifies the roles users have in the application, and then the software resources they can access based on the assigned role. Roles and resources are then used to design access policies by means of a visual language based tool providing a metaphor oriented layer above the well known Role Based Access Control (RBAC) model. A network infrastructure based on a Policy Enforcement Point (PEP) and a Policy Decision Point (PDP) is used to enforce these policies. The proposed approach has been used in a preliminary case study.