Enforcing Role-Based Access Controls in Software Systems with an Agent Based Service Oriented Approach

Date

2007-06-25

Advisors

Journal Title

Journal ISSN

ISSN

Volume Title

Publisher

IEEE

Type

Conference

Peer reviewed

Yes

Abstract

Access control is often used to make restrictions to the resources in a system so that these resources can only be accessed by those who have the corresponding privilege. Role-based access controls (RBAC) model introduces roles into access control so that the privilege is assigned to role and access control can be managed easily by defining the role of the users and inheritance structure of the roles. Although the RBAC model has been well accepted, it turns out to have some problems in applying RBAC to an existing system: an existing system is generally not organised in roles; it is very hard to add the access control functions to each module of an existing system. In this paper, an agent-based service oriented approach that helps existing systems be migrated to RBAC for software evolution is proposed. The architecture and working flow of the approach are presented and an example showing how to use the proposed framework and methodology is illustrated.

Description

Keywords

Citation

Chen, F., Li, S. and Yang, H. (2007) Enforcing Role-Based Access Controls in Software Systems with an Agent Based Service Oriented Approach. 2007 IEEE International Conference on Networking, Sensing and Control, London, pp. 483-488

Rights

Research Institute

Cyber Technology Institute (CTI)