Affiliation:
1. Rutgers University, Newark, NJ
Abstract
The term
information portals
refers to Web sites that serve as main providers of focused information, gathered from distributed data sources. Gathering and disseminating information through information portals introduce new security challenges. In particular, the authorization specifications, as well as the granting process, are temporal by nature. Also, more often than not, the information provided by the portal is in fact derived from more than one backend data source. Therefore, any authorization model for information portals should support access control based on temporal characteristics of the data, and also should provide tools to prevent indirect unauthorized access through the use of derived data. In this article we focus our attention on devising such an authorization model. The distinguishing features of this model include: (1) the specification of authorizations based on temporal characteristics of data, and (2) a formal framework to derive authorizations in a consistent and safe manner, based on relationships among data.
Publisher
Association for Computing Machinery (ACM)
Subject
Safety, Risk, Reliability and Quality,General Computer Science
Cited by
35 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. Intrusion detection system for data warehouse with second level authentication;International Journal of Information Technology;2021-04-17
2. Temporal Access Control;Encyclopedia of Database Systems;2018
3. Control Operation Flow for Mobile Access Control with the Use of MABAC Model;Towards a Synergistic Combination of Research and Practice in Software Engineering;2017-08-06
4. Enterprise Level Security;2016-04-27
5. - Database Access;Enterprise Level Security;2016-04-27