The Center for Education and Research in Information Assurance and Security (CERIAS)

The Center for Education and Research in
Information Assurance and Security (CERIAS)
Center for Education and Research in Information Assurance and Security

Security Models for Web-Based Applications

Author

James B. D. Joshi, Walid G. Aref, Arif Ghafoor, Eugene H. Spafford

Entry type

article

Abstract

The paper presents a comparative assessment of the suitability of exisitng access control models for use in web-based applciations.

Date

2001 – February

Address

1515 Broadway, New York, NY 10036-5701, USA

Institution

Purdue University

Journal

Communications of the ACM

Key alpha

author

Number

2

Organization

CERIAS

Pages

38-48

Publisher

ACM

Volume

44

Affiliation

School of Electrican and Computer Engineering, Department of Computer Science, Schoold of Electrical and Computer Engineering, Department oc Computer Sciences and CERIAS

Bibdate

February, 2001

Publication Date

0000-00-00

Contents

Security in the web environment Justification for access control Access control models Discretionary access control model Mandatory access control model Role-based access control model Access control models for tasks and workflows Agent-based approach Certificate-based Approach Discussion/Conclusion

Keywords

access control, security, rbac,

Language

english

Subject

Somparative assessment of access control models for use in web-based applications.

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.