Information Technology Reference
In-Depth Information
access in web-based collaboration environments. We have motivated the need for con-
sidering context-dependent parameters such as the identificationmechanism in the access
control decision in web-based collaboration environments. Furthermore, we have mod-
eled context-dependency with RBAC.We have shown how to model contexts as partially
ordered sets and how complex context-dependent role hierarchies can be obtained in an
efficient and systematic way. The combination of context-dependent aspects for web-
based collaboration environments and their modeling in RBAC goes beyond what is
done in today's web practice and allows new possibilities.
References
1. Bafoutsou, G., Metzas, G.: Review and functional classification of collaborative systems.
International Journal of Information Management (2002) 281-305
2. Meier, C., Benz, H.: Business process requirements and paradigm of co-operative work:
Enhanced Platform. UNITE Project Deliverable (2002) http://www.unite-project.org
3. Freier, A., Karlton, P., Kocher, P.: The SSL protocol version 3.0. Internet Draft (1996)
4. Dierks, C., Allen, C.: The TLS protocol version 1.0. RFC 2246 (1999)
5. Fielding, R., Gettys, J., Mogul, J., Frystyk, H., Masinter, L., Leach, P., Berners-Lee, T.:
Hypertext Transfer Protocol—HTTP/1.1. RFC 2616 (1999)
6. Kristol, D., Montulli, L.: HTTP State Management Mechanism. RFC 2109 (1997)
7. Sandhu, R., Ferraiolo, D., Kuhn, R.: The NIST model for role-based access control: towards
a unified standard. In: 5th ACM workshop on Role-based Access Control, (2000)
8. Ferraiolo, D., Sandhu, R., Gavrila, S., Kuhn, D., Chandramouli, R.: Proposed NIST standard
for role-based access control. ACM Trans. on Inf. and Syst. Security
4
(2001)
9. Bertino, E., Pagani, E., Rossi, G., Samarati, P.: Protecting information on the web. Comm.
of the ACM
43
(2000)
10. Joshi, J., Aref, W., Spafford, E.: Security models for web-based applications. Comm. of the
ACM
44
(2001)
11. Zapf, M., Reinema, R., Wolf, R., Turpe, S.: UNITE — an agent-oriented teamwork environ-
ment. In: 4th Intern. Workshop, MATA 2002. Number 2521 in LNCS, (2002) 302-315
12. Sandhu, R.: Role activation hierarchies. In: 3rdACMworkshop on Role-based access control,
(1998)
13. Davey, B., Priestley, H.: Introduction to Lattices and Order. Cambridge Univ Press (2002)
14. Jonsson, B.: Arithmetic of ordered sets. In Rival, J., ed.: Ordered Sets. Proceedings of the
NATO Advanced Study Institute. (1981)
15. Barkley, J., Cincotta, A., Ferraiolo, D., Gavrilla, S., Kuhn, D.: Role-based access control for
the world wide web. In: 20th National Information Systems Security Conference. (1997)
16. Park, J., Sandhu, R., Ahn, G.: Role-based access control on the web. ACM Trans. on Inf. and
Syst. Security
4
(2001)
17. Tari, Z., Chan, S.: A role-based access control model for intranet security. IEEE Internet
Computing
1
(1997)
18. Chadwick, D., Otenko, A.: The PERMIS X.509 role based privilege management infrastruc-
ture. In: 7th ACM Symposium on Access Control Models and Technologies, (2002)
19. Covington, M., Moyer, M., Ahamad, M.: Generalized role-based access control for securing
future applications. In: 23rd Nat. Inform. Syst. Security Conference, Baltimore, MD (2000)
20. Georgiadis, C., Mavridis, I., Pangalos, G., Thomas, R.: Flexible team-based access control
using contexts. In: 6thACMSymposium onAccess Control Models and Technologies. (2001)
21-30
