Dynamic access control framework for enterprise content management systems

Abstract

With the large adoption of telework business model, employees can work anytime, anywhere and sometimes with their own personal devices due to the limited financial capabilities of their companies. Many issues of the security and access control of remote exchanges of Enterprise Content Management systems (ECM) have to be considered. In particular, the access control should be adapted to employees’ context, their multiple device capabilities as well as their profiles and situations to increase the usability of the system. However, most access control models do not take into account the users’ profiles and the variability of their devices in open network. They also focus on the continuous intervention of administrators to manage the system and add new devices and set parameters. With the diversity of users’ devices and context conditions in telework, access control needs to be dynamically managed to reduce human intervention. In this paper, we suggest an agent-based access control framework that focuses on M5StickC external device used as an access badge. The framework is based on a multi-level rule engine to dynamically generate policies according to users’ context, profile and device. It is implemented and proposed as an open-source solution for small companies to manage their own ECM access control.