By Topic

An object-oriented organizational model to support dynamic role-based access control in electronic commerce applications

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

1 Author(s)
Cheng, E.C. ; Birkbeck Coll., London Univ., UK

Role-based access control (RBAC) provides flexibility to security management over the traditional approach of using user and group identifiers. In RBAC, access privileges are given to roles rather than to individual users. Users acquire the corresponding permissions when playing different roles. Roles can be defined simply as a label, but such an approach lacks the support to allow users to automatically change roles under different contexts; this static method also adds administrative overheads in role assignment. In electronic commerce and other cooperative computing environments, access to shared resources has to be controlled in the context of the entire business process; it is therefore necessary to model dynamic roles as a function of resource attributes and contextual information. In this paper, an object-oriented organizational model, OMM, is presented as an underlying model to support dynamic role definition and role resolution in RBAC. The paper describes the OMM reference model and shows how it can be applied flexibly to capture the different classes of resources within a corporation, and to maintain the complex and dynamic roles and relationships between the resource objects. Administrative tools use the role model in OMM to define security policies for role definition and role assignment. At runtime, the resource manager queries the OMM system to resolve roles in order to authorize any access attempts. Similarly, cooperative computing software uses OMM to support task assignment and access control to business processes. Contrary to traditional approaches, OMM separates the organization model from the application model; thus it allows independent and flexible role modeling to reflect realistically a dynamic authorization subsystem in a rapidly changing business world.

Published in:

Systems Sciences, 1999. HICSS-32. Proceedings of the 32nd Annual Hawaii International Conference on  (Volume:Track8 )

Date of Conference:

5-8 Jan. 1999