Title
Role-Based Access Controls: Status, Dissemination, and Prospects for Generic Security Mechanisms
Abstract
E-commerce applications have diverse security requirements, ranging from business-to-business through business-to-consumer to consumer-to-consumer applications. This range of requirements cannot be handled adequately by a single security model, although role-based access controls (RBAC) offer a promising foundation for generic high-level security. Furthermore, RBAC is well researched but only incompletely realized in most current backend and business-layer systems. Security mechanisms have often been added to existing software after the fact, causing many of the well-known deficiencies found in most software products. However, with the rise of component-based software development, security models can also be made available for reuse. Therefore, we present a general-purpose software framework providing security mechanisms such as authentication, access controls, and auditing for Java software development. The framework is called GAMMA (Generic Authorization Mechanisms for Multi-Tier Applications) and offers multiple high-level security models (including the aforementioned RBAC) that may even be used concurrently to cover the diverse security requirements found within e-commerce environments.
Year: 2004
DOI: 10.1023/B:ELEC.0000009285.50078.b2
Venue: Electronic Commerce Research
Keywords: generic high-level security, component-based software development security, general-purpose software framework, security, java software development, role-based access controls, generic security mechanisms, software framework, software product, access control, single security model, security mechanism, diverse security requirement, multiple high-level security model, existing software, role based access control, software development, system security, e commerce, security model, component based software development
Field: Security convergence, Security testing, Software security assurance, Computer science, Computer security, Security service, Cloud computing security, Security information and event management, Logical security, Computer security model
DocType: Journal
Volume: 4
Issue: 1-2
ISSN: 1572-9362
Citations: 15
PageRank: 1.26
References: 18
Authors: 3
Name, Order, Citations, PageRank
Wolfgang Essmayr, 1, 34, 4.49
Stefan Probst, 2, 31, 3.04
Edgar Weippl, 3, 856, 105.02