We propose a simple and complete method to determine the needed rights for roles in a system. We make use of the concept of use cases, commonly used to determine requirements in object-oriented system development. We extend use cases with rights specifications and we determine all of a role’s rights from the collection of all use cases for the system. This method is in strict accordance with the least privilege principle.
Mendeley saves you time finding and organizing research
Choose a citation style from the tabs below