Skip to Main content Skip to Navigation
New interface
Journal articles

Integration of Access Control in Information Systems: From Role Engineering to Implementation

Abstract : Pervasive computing and proliferation of smart gadgets lead organizations to open their information systems, especially by extensive use of mobile technology: information systems must be available any-time, any-where, on any media. This cannot be done reasonably without thorough access control policies. Such access control must be able to deal with user profile, time and even with more complex contexts including geographical position. This paper shows that it is possible to take into account confidentiality constraints straight into the logical data model in a homogeneous way, for various aspects generally treated independently (user profile, time, geographical position, etc.). We propose a language called RAPOOL which allows the expression of authorizations at the class level. We first present the syntactical aspects, then the semantics of the language, based on the object-oriented paradigm.
Document type :
Journal articles
Complete list of metadata
Contributor : Équipe gestionnaire des publications SI LIRIS Connect in order to contact the contributor
Submitted on : Monday, September 4, 2017 - 3:16:19 PM
Last modification on : Friday, September 30, 2022 - 11:34:15 AM


  • HAL Id : hal-01581366, version 1


Romuald Thion, Stéphane Coulondre. Integration of Access Control in Information Systems: From Role Engineering to Implementation. Informatica, 2006, 1, 30, pp.87-95. ⟨hal-01581366⟩



Record views