Role-based access control in software services: theory vs. practice

0369836 - ÚGN 2013 RIV US eng C - Conference Paper (international conference)
Lasoň, M. - Jakl, Ondřej
Role-based access control in software services: theory vs. practice.
International Symposium on Symbolic and Numeric Algorithms for Scientific Computing /12./. Piscataway: IEEE Computer Society, 2010 - (Ida, T.; Negru, V.; Jebelean, T.; Petcu, D.; Watt, S.; Zaharie, D.), s. 465-470. ISBN 978-0-7695-4324-6.
[International Symposium on Symbolic and Numeric Algorithms for Scientific Computing. Timisoara (GR), 23.09.2010-26.09.2010]
Institutional research plan: CEZ:AV0Z30860518
Keywords : authorization management * base models * complex information
Subject RIV: IN - Informatics, Computer Science
http://www.scopus.com/record/display.url?eid=2-s2.0-79952496205&origin=resultslist&sort=plf-f&src=s&st1=jakl%2co&sid=SxFmkoemGUVBNW3-cwLRD5-%3a30&sot=b&sdt=b&sl=19&s=AUTHOR-NAME%28jakl%2co%29&relpos=0&relpos=0&searchTerm=AUTHOR-NAME%28jakl,o%29#

This paper deals with the authorization management in software services. In particular, it presents the role-based access control (RBAC) approach and elaborates it in several directions to suit the needs of real services. As an example, a complex information system developed and deployed at VŠB - Technical University of Ostrava is considered. Here, RBAC is made use of as a base model for administration of users' privileges. We explore several approaches how to extend the base RBAC model and how to build it automatically. Those ideas are confronted with the reality encountered in the development of the university information system and experiences are discussed.
Permanent Link: http://hdl.handle.net/11104/0203809