A distributable security management architecture for enterprise systems spanning multiple security domains

  • Authors:
  • Ioannis Priggouris; Stathes Hadjiefthymiades

  • Affiliations:
  • Department of Informatics and Telecommunications, University of Athens, Athens, Greece GR-15784; Department of Informatics and Telecommunications, University of Athens, Athens, Greece GR-15784

  • Venue:
  • Electronic Commerce Research
  • Year:
  • 2006

Abstract

Administering security in modern enterprise systems may prove an extremely complex task. Their large scale and dynamic nature are the main factors that contribute to this fact. A robust and flexible model is needed in order to guarantee both the easy management of security information and the efficient implementation of security mechanisms. In this paper, we present the foundations and the prototypical implementation of a new access control framework. The framework is mainly targeted at highly dynamic, large enterprise systems (e.g., service provisioning platforms, enterprise portals, etc.), which contain various independent functional entities. Significant advantages gained from the application of the designated framework in such systems are epitomized in the ease of managing access to their hosted resources (e.g., services) and the possibility of applying distributable management schemes for achieving it. The proposed framework allows for multi-level access control through the support of both role-based and user-based access control schemes. Discussion is structured in three distinct areas: the formal model of the proposed framework, the data model for supporting its operation, and the presentation of a prototypical implementation. The development of the framework is based on open technologies like XML, Java and Directory Services. In the last part of the paper, the results of a performance assessment are presented, aiming to quantify the delay overhead imposed by the application of the new framework in a real system.