Abstract
The protection of data in information systems against improper disclosure or modification is an important requirement of each system. Nowadays the information systems of enterprises are more and more open, more information is easy accessible for the users, so it is important to better protect the confidential information. The paper presents a software tool for managing the security of enterprise information system on the access control level from the point of view of security administrator. The security administrator who is responsible for information system security will obtain a tool that facilitate the management of one of security aspects, namely the management of access control of users to data stored in a system. However, the application developers can also use such tool to define the access control rules for application elements created on the conception level.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Castano, S., Fugini, M., Martella, G., Samarati, P.: Database Security. ACM Press, Addison-Wesley (1994)
Sandhu, R., Munawer, Q.: How to do Discretionary Access Control Using Roles. In: Proceeding of 3rd ACM Workshop on Role-Based Access Control (1998)
Ferraiolo, D., Sandhu, R., Gavrila, S., Kuhn, D., Chandramouli, R.: Proposed NIST Role-Based Access Control. ACM Transactions on Information and Systems Security TISSECÂ 4(3) (2001)
Goncalves, G., Poniszewska-Maranda, A.: Role engineering: from design to evaluation of security schemas. Journal of Systems and Software 81 (2008)
Poniszewska-Maranda, A., Goncalves, G., Hemery, F.: Representation of Extended RBAC Model Using UML Language. In: Vojtáš, P., Bieliková, M., Charron-Bost, B., Sýkora, O. (eds.) SOFSEM 2005. LNCS, vol. 3381, pp. 413–417. Springer, Heidelberg (2005)
Poniszewska-Marańda, A.: Conception Approach of Access Control in Heterogeneous Information Systems using UML. Journal of Telecommunication Systems 44 (2010)
Sandhu, R., Samarati, P.: Access control: Principles and practice. IEEE Communication 32(9), 40–48 (1994)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag GmbH Berlin Heidelberg
About this chapter
Cite this chapter
Poniszewska-Maranda, A. (2012). Access Control Management Using Extended RBAC Model. In: Lipiński, P., Świrski, K. (eds) Towards Modern Collaborative Knowledge Sharing Systems. Studies in Computational Intelligence, vol 401. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-27446-6_3
Download citation
DOI: https://doi.org/10.1007/978-3-642-27446-6_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-27445-9
Online ISBN: 978-3-642-27446-6
eBook Packages: EngineeringEngineering (R0)