Role-based access controls: Status, dissemination, and prospects for generic security mechanisms

Authors Wolfgang Essmayr
Stefan Probst
Edgar Weippl
Title Role-based access controls: Status, dissemination, and prospects for generic security mechanisms
Type techreport
Number SCCH-TR-0118
Address Hagenberg, Austria
Institution SCCH
Year 2001
SCCH ID# 118
Abstract

This paper presents a survey of the fundamental security models that have been used in the research and development of access control mechanisms. While various approaches have been tried for special-purpose systems, the system architecture we will sketch is that of a general-purpose framework for Java software development. In addition we will elaborate on recent improvements of role-based access control and point to future challenges. For a number of years security features have often been added to existing software causing many of the well-known deficiencies found in most software products. However, with the rise of component-based software development security models could also be made available for reuse. GAMMA, a current research project at the Software Competence Center Hagenberg, aims to achieve this. Within this paper we analyze current research, commercial products and their shortcomings to lay the foundation for Generic Authorization Mechanisms for Multi- Tier Applications (GAMMA).