Abstract | ||
---|---|---|
Access control has long been a central topic in software security. Having proposed a number of different control mechanisms, including MAC, DAC, and RBAC, researchers are now introducing control models that make use of new context information, such as time, and location. Unfortunately, because these have been based on existing security paradigms, their use of context is often unintuitive, and insufficiently separated from business and processing logic. This paper proposes a new model for access control called CIAAC (Context Information-based Application Access Control). CIAAC is specifically designed to separate context awareness and access control policies from business and processing logic, allowing operators of business applications to change access control policies more freely in response to the external security environment.
|
Year | DOI | Venue |
---|---|---|
2016 | 10.1145/2857546.2857623 | IMCOM |
Field | DocType | ISBN |
Computer access control,Software security assurance,Computer science,Computer security,Business logic,Role-based access control,Computer network,Context awareness,Access control,Discretionary access control,Physical access | Conference | 978-1-4503-4142-4 |
Citations | PageRank | References |
0 | 0.34 | 3 |
Authors | ||
2 |
Name | Order | Citations | PageRank |
---|---|---|---|
Young-Gab Kim | 1 | 197 | 29.21 |
Yonghan Lee | 2 | 3 | 2.88 |