Role-based access controls: status, dissemination, and prospects for generic security mechanisms

Authors Wolfgang Essmayr
Stefan Probst
Edgar Weippl
Title Role-based access controls: status, dissemination, and prospects for generic security mechanisms
Type article
Journal Int. Journal of Electronic Commerce Research
Number 1-2
Volume 4
ISSN 1389-5753
Year 2004
Pages 127-156
SCCH ID# 223
Abstract

This paper presents a survey of the fundamental security models that have been used in the research and development of access control mechanisms. While various approaches have been tried for special-purpose systems, the system architecture we will sketch is that of a general-purpose framework for Java software development. In addition we will elaborate on recent improvements of role-based access control and point to future challenges. For a number of years security features have often been added to existing software causing many of the well-known deficiencies found in most software products. However, with the rise of component-based software development security models could also be made available for reuse. GAMMA, a current research project at the Software Competence Center Hagenberg, aims to achieve this. Within this paper we analyze current research, commercial products and their shortcomings to lay the foundation for Generic Authorization Mechanisms for Multi-Tier Applications (GAMMA).