Integration of Access Control in Information Systems: From Role Engineering to Implementation

Abstract : Pervasive computing and proliferation of smart gadgets lead organizations to open their information systems, especially by extensive use of mobile technology: information systems must be available any-time, any-where, on any media. This cannot be done reasonably without thorough access control policies. Such access control must be able to deal with user profile, time and even with more complex contexts including geographical position. This paper shows that it is possible to take into account confidentiality constraints straight into the logical data model in a homogeneous way, for various aspects generally treated independently (user profile, time, geographical position, etc.). We propose a language called RAPOOL which allows the expression of authorizations at the class level. We first present the syntactical aspects, then the semantics of the language, based on the object-oriented paradigm.
Type de document :
Article dans une revue
Informatica, Slovene Society Informatika, Ljubljana, 2006, 1, 30, pp.87-95
Liste complète des métadonnées

https://hal.archives-ouvertes.fr/hal-01581366
Contributeur : Équipe Gestionnaire Des Publications Si Liris <>
Soumis le : lundi 4 septembre 2017 - 15:16:19
Dernière modification le : vendredi 10 novembre 2017 - 01:21:15

Identifiants

  • HAL Id : hal-01581366, version 1

Collections

Citation

Romuald Thion, Stéphane Coulondre. Integration of Access Control in Information Systems: From Role Engineering to Implementation. Informatica, Slovene Society Informatika, Ljubljana, 2006, 1, 30, pp.87-95. 〈hal-01581366〉

Partager

Métriques

Consultations de la notice

27