On security level usage in context-aware role-based access control

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F68407700%3A21230%2F16%3A00306891" target="_blank" >RIV/68407700:21230/16:00306891 - isvavai.cz</a>

Výsledek na webu

<a href="http://dl.acm.org/citation.cfm?id=2851664" target="_blank" >http://dl.acm.org/citation.cfm?id=2851664</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1145/2851613.2851664" target="_blank" >10.1145/2851613.2851664</a>

Jazyk výsledku

angličtina

Název v původním jazyce

On security level usage in context-aware role-based access control

Popis výsledku v původním jazyce

Huge contemporary trend is adding context awareness into software applications. It allows both better user experience as well as a lot useful features for application owner. Nowadays, there are various approaches enabling particular context awareness but none of them concerns security. We tackle this problem and describe it further in the paper. Our solution extends role based access control with certain context awareness elements. Based on already existing solutions we propose own lightweight, universal solutions, which allows instant enhancement of current RBAC even in existing applications. The uniqueness of our solution is based on using security levels, which are granted to user based on his context. Security levels represents how the users can be trusted and are determined during users login procedure. The levels are used as additional security constrain so to access resources in application user need to have not only right permission granted through roles, but also to have corresponding level.

Název v anglickém jazyce

On security level usage in context-aware role-based access control

Popis výsledku anglicky

Huge contemporary trend is adding context awareness into software applications. It allows both better user experience as well as a lot useful features for application owner. Nowadays, there are various approaches enabling particular context awareness but none of them concerns security. We tackle this problem and describe it further in the paper. Our solution extends role based access control with certain context awareness elements. Based on already existing solutions we propose own lightweight, universal solutions, which allows instant enhancement of current RBAC even in existing applications. The uniqueness of our solution is based on using security levels, which are granted to user based on his context. Security levels represents how the users can be trusted and are determined during users login procedure. The levels are used as additional security constrain so to access resources in application user need to have not only right permission granted through roles, but also to have corresponding level.

Druh

D - Stať ve sborníku

CEP obor

JC - Počítačový hardware a software

OECD FORD obor

—

Projekt

—

Návaznosti

S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2016

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název statě ve sborníku

Proceedings of the 31st ACM Symposium on Applied Computing (EADD Track)

ISBN

978-1-4503-3739-7

ISSN

—

e-ISSN

—

Počet stran výsledku

4

Strana od-do

1192-1195

Název nakladatele

ACM

Místo vydání

New York

Místo konání akce

Pisa

Datum konání akce

4. 4. 2016

Typ akce podle státní příslušnosti

WRD - Celosvětová akce

Kód UT WoS článku

—