W. Essmayr, S. Probst, E. Weippl. Role-based access controls: status, dissemination, and prospects for generic security mechanisms. Int. Journal of Electronic Commerce Research, volume 4, number 1-2, pages 127-156, 2004.
- Wolfgang Essmayr
- Stefan Probst
- Edgar Weippl
|Journal||Int. Journal of Electronic Commerce Research|
||This paper presents a survey of the fundamental security models that have been used in the research and development of access control mechanisms. While various approaches have been tried for special-purpose systems, the system architecture we will sketch is that of a general-purpose framework for Java software development. In addition we will elaborate on recent improvements of role-based access control and point to future challenges. For a number of years security features have often been added to existing software causing many of the well-known deficiencies found in most software products. However, with the rise of component-based software development security models could also be made available for reuse. GAMMA, a current research project at the Software Competence Center Hagenberg, aims to achieve this. Within this paper we analyze current research, commercial products and their shortcomings to lay the foundation for Generic Authorization Mechanisms for Multi-Tier Applications (GAMMA).