Supporting Customized Views for Enforcing Access Control Constraints in Real-Time Collaborative Web Applications
Real-time collaborative Web applications allow multiple users to concurrently work on a shared document. In addition to popular use cases, such as collaborative text editing, they can also be used for form-based business applications that often require forms to be filled out by different stakeholders. In this context, different users typically need to fill in different parts of a form. Role-based access control and entailment constraints provide means for defining such restrictions. Major challenges in integrating collaborative Web applications with access control restrictions are supporting changes to the configuration of access-constrained UI elements at runtime, achieving acceptable performance and update behaviour, and integrating easily with existing Web applications. In this paper, we address these challenges through a novel approach supporting constrained and customized UI views that support runtime changes and integrate well with existing Web applications. Using a prototypical implementation, we show that the approach provides acceptable update behaviour and incurs only a small performance overhead for the access control tasks, with linear scalability.