The administration of authorizations in modern Web-based computing environments has become a primary concern. Application security is characterized by a significant complexity, due to the large number of variations and combinations of objects and operations to be protected. Thus, there is a need for data, processes and context parameters, like time and location, to be combined into a security model that ensures correct decision-making for access. Moreover, access control must often be based on dynamic functional requirements that are capable of embedding the required context information to express application-level access control policies in new application domains, as for example Internet workflow applications. In this work a new paradigm of dynamic and decentralized administration of access control that is based on the DARBAC model is presented. DARBAC concerns access control for a wide-range of collaborative applications and aims to provide fine-grained and dynamic administration of authorizations. The presented implementation assumes Web-based applications to support enforcing of access control at a distributed platform level, and it demonstrates in a step-by-step basis the construction of DARBAC components and their management during run-time. © 2006 International Federation for Information Processing.
CITATION STYLE
Mattas, A., Mavridis, I., & Pagkalos, I. (2006). A paradigm for dynamic and decentralized administration of access control in workflow applications. IFIP International Federation for Information Processing, 201, 196–207. https://doi.org/10.1007/0-387-33406-8_17
Mendeley helps you to discover research relevant for your work.