Role-based access controls: status, dissemination, and prospects for generic security mechanisms

Autoren Wolfgang Essmayr
Stefan Probst
Edgar Weippl
Titel Role-based access controls: status, dissemination, and prospects for generic security mechanisms
Typ Artikel
Journal Int. Journal of Electronic Commerce Research
Nummer 1-2
Band 4
ISSN 1389-5753
Jahr 2004
Seiten 127-156
SCCH ID# 223
Abstract

This paper presents a survey of the fundamental security models that have been used in the research and development of access control mechanisms. While various approaches have been tried for special-purpose systems, the system architecture we will sketch is that of a general-purpose framework for Java software development. In addition we will elaborate on recent improvements of role-based access control and point to future challenges. For a number of years security features have often been added to existing software causing many of the well-known deficiencies found in most software products. However, with the rise of component-based software development security models could also be made available for reuse. GAMMA, a current research project at the Software Competence Center Hagenberg, aims to achieve this. Within this paper we analyze current research, commercial products and their shortcomings to lay the foundation for Generic Authorization Mechanisms for Multi-Tier Applications (GAMMA).