Abstract
As technology grows rapidly and new applications and systems are developed every day, proper protection is crucial. Information is becoming a strategic asset, and because it is often sensitive in nature, it ought to be secured. The paper presents how the Usage Role-based Access Control model improves the logical security of information systems. The model is presented in light of existing and currently used access control models and is implemented in the form of a simplified ebook store application.
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Poniszewska-Maranda, A., Rutkowska, R. (2014). Implementation of Usage Role-Based Access Control Approach for Logical Security of Information Systems. In: Swiątek, J., Grzech, A., Swiątek, P., Tomczak, J. (eds) Advances in Systems Science. Advances in Intelligent Systems and Computing, vol 240. Springer, Cham. https://doi.org/10.1007/978-3-319-01857-7_13
DOI: https://doi.org/10.1007/978-3-319-01857-7_13
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-01856-0
Online ISBN: 978-3-319-01857-7
eBook Packages: Engineering, Engineering (R0)