Nothing Special   »   [go: up one dir, main page]
Skip to main content
Springer Nature Link
Log in

Sharing Protected Web Resources Using Distributed Role-Based Modeling

  • Conference paper
Frontiers of WWW Research and Development - APWeb 2006 (APWeb 2006)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 3841))

Included in the following conference series:

  • 883 Accesses

Abstract

In this paper we propose a model that simplifies distributed roles management in cooperating educational organizations by creating group/role relationships to protect Web resources. Organizations share their user and group data with each other through a common communication protocol using XML-RPC.

Arranging users into groups and roles makes it easier to grant or deny permissions to many users at once. We argue that our model may be used across organizations, based on the group structure and independent collaborative administration and because it provides a high level of flexibility and usability.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 189.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. Al-Kahtani, M., Sandhu, R.: Rule-based RBAC with negative authorization. In: 20th Annual Computer Security Applications Conference, Arizona (2004)

    Google Scholar 

  2. Andress, M.: Access control. Information security magazine (April 2001)

    Google Scholar 

  3. Barka, E., Sandhu, R.: Role-based delegation model/ hierarchical roles. In: 20th Annual Computer Security Applications Conference, Arizona (2004)

    Google Scholar 

  4. Barkley, J., Beznosov, K., Uppal, J.: Supporting relationships in access control using Role Based Access Control. In: Fourth ACM Workshop on Role-Based Access Control (1999)

    Google Scholar 

  5. Bertino, E., Bonatti, P.A., Ferrari, E.: TRBAC: A temporal Role-Based Access Control model. ACM Tr. on ISS 3(3), 191–223 (2001)

    Google Scholar 

  6. Bhatti, R., Bertino, E., Ghafoor, A., Joshi, J.B.D.: XML-based specification for Web services document security. IEEE Computer 37(4) (2004)

    Google Scholar 

  7. Chou, S.-C.: L nRBAC: A multiple-levelled Role-Based Access Control model for protecting privacy in object-oriented systems. J. of Object Technology 3(3), 91–120 (2004)

    Article  Google Scholar 

  8. Dowling, J., Cahill, V.: Self-managed decentralised systems using K-components and collaborative reinforcement learning. In: Proceedings of the Workshop on Self-Managed Systems (WOSS 2004), pp. 41–49 (2004)

    Google Scholar 

  9. Ferraiolo, D., Cugini, J., Kuhn, D.R.: Role-Based Access Control (RBAC): Features and motivations. In: 1995 Computer Security Applications Conference, pp. 241–248 (1995)

    Google Scholar 

  10. Ferraiolo, D., Sandhu, R., Gavrila, S., Kuhn, R.D., Chandramouli, R.: Proposed NIST standard for Role-Based Access Control. ACM Transactions on Information and System Security (TISSEC) 4(3), 224–274 (2001)

    Article  Google Scholar 

  11. Ferraiolo, D., Kuhn., D.R., Chandramouli, R.: Role-Based Access Control. Artech House, Computer Security Series (2003)

    Google Scholar 

  12. Guerin, T., Lord, R.: RBAC identity management (2003), http://www.portalsmag.com/articles/default.asp?ArticleID=4923

  13. Schwoon, S., Jha, S., Reps, T., Stubblebine, S.: On generalized authorization problems. In: Proc. 16th IEEE Computer Security Foundations Workshop, Asilomar, Pacific Grove, CA, June 30 - July 2, 2003, pp. 202–218 (2003)

    Google Scholar 

  14. http://shibbolethinternet2.edu

  15. Simon, R., Zurko, M.: Separation of duty in role-based environments. In: Proceedings of 10th IEEE Computer Security Foundations Workshop, Rockport, Mass., pp. 183–194 (June 1997)

    Google Scholar 

  16. Strembeck, M.: Conflict checking of separation of duty constraints in RBAC-implementation experiences, http://wi.wu-wien.ac.at/home/mark/publications/se2004.pdf

  17. Strembeck, M., Neumann, G.: An integrated approach to engineer and enforce context constraints in RBAC environments. ACM Transactions on Information and System Security 7(3), 392–427 (2004)

    Article  Google Scholar 

  18. Zhang, X., Park, J., Sandhu, R.: Schema based XML security: RBAC approach. In: Seventeenth IFIP 11.3 Working Conference on Data and Application Security, Estes Park, Colorado, USA, August 4-6 (2003)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Stord/Haugesund University College, Bjørnsonsg. 45, 5528, Haugesund, Norway

    Sylvia Encheva

  2. IT-Dept., University of Bergen, P.O. Box 7800, 5020, Bergen, Norway

    Sharil Tumin

Authors
  1. Sylvia Encheva
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Sharil Tumin
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of ITEE, The University of Queensland, Australia

    Xiaofang Zhou

  2. School of Computer Science and Technology, Heilongjiang University, China

    Jianzhong Li

  3. School of Information Technology and Electrical Engineering, The University of Queensland, Brisbane, QLD, Australia

    Heng Tao Shen

  4. Institute of Industrial Science, The University of Tokyo, 4-6-1 Komaba, Meguro-ku, 153-8505, Tokyo, Japan

    Masaru Kitsuregawa

  5. Victoria University, Australia

    Yanchun Zhang

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Encheva, S., Tumin, S. (2006). Sharing Protected Web Resources Using Distributed Role-Based Modeling. In: Zhou, X., Li, J., Shen, H.T., Kitsuregawa, M., Zhang, Y. (eds) Frontiers of WWW Research and Development - APWeb 2006. APWeb 2006. Lecture Notes in Computer Science, vol 3841. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11610113_47

Download citation

  • DOI: https://doi.org/10.1007/11610113_47

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-31142-3

  • Online ISBN: 978-3-540-32437-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation