By Topic

Three-Layers Role-Based Access Control Framework in Large Financial Web Systems

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

3 Author(s)
Zhichao Wen ; Coll. of Comput. Sci., Zhejiang Univ., Hangzhou, China ; Bo Zhou ; Di Wu

There are lots of sensitive and confidential data in financial field, such as credit card number, stock number, fund number and so on. Therefore, top level security requirement is always required in financial systems, where a good access control framework is necessary. Traditional role-based access control frameworks lack of control in data access granularity and often slow down the system, even though it provides an efficient access control model which can restrict users' operation according to their roles. They can hardly meet the requirements in large financial system. This article proposes and implements a Three-Layer Role-based Access Control framework (TL-RBAC) which can perfectly meet the requirements in large financial system. TL-RBAC implements access control in three layers: web pages, operations and data. Coarse-grained access control in web pages layer is used to filter anonymous attacks such as web scan and DoS attacks. Fine-grained access control in operations and data layers guarantee that the user cannot do operations and access data out of his privilege. Performance testing report of the system shows that TL-RBAC meets the performance requirement in terms of system throughput and time per operation.

Published in:

Computational Intelligence and Software Engineering, 2009. CiSE 2009. International Conference on

Date of Conference:

11-13 Dec. 2009