Security Models for Web-Based Applications
Author
James B. D. Joshi, Walid G. Aref, Arif Ghafoor, Eugene H. Spafford
Abstract
The paper presents a comparative assessment of the suitability
of exisitng access control models for use in web-based
applciations.
Address
1515 Broadway, New York, NY 10036-5701, USA
Institution
Purdue University
Journal
Communications of the ACM
Affiliation
School of Electrican and Computer Engineering, Department of Computer Science, Schoold of Electrical and Computer Engineering, Department oc Computer Sciences and CERIAS
Publication Date
0000-00-00
Contents
Security in the web environment
Justification for access control
Access control models
Discretionary access control model
Mandatory access control model
Role-based access control model
Access control models for tasks and workflows
Agent-based approach
Certificate-based Approach
Discussion/Conclusion
Keywords
access control, security, rbac,
Subject
Somparative assessment of access control models for use in
web-based applications.