A Novel Access Control Model Based on the Structure of Applications

Abstract

Nowadays, access control has an important role in the management of access to resources in the networks and applications. The establishment of access control in applications is important particularly. Traditional methods of access control, manage the users’ access only at data-centric level. In this paper a new model is presented in which the access control in applications is performed not only at data-centric level but also at component and plug-in levels. By applying the proposed model, the execution of plug-ins or components will be authorized only in the case of enrollment process and in the necessary authorities. In addition, users can access to plug-ins and components only in the case of gaining the necessary authorities. By using the proposed model, the access control can be applied based on both operational needs and applications capabilities accurately.