Improving the Information Security of Collaborative Web Portals via Fine-Grained Role-Based Access Control

2013 ◽  
pp. 461-478
Author(s):  
S. Demurjian ◽  
H. Ren ◽  
S. Berhe ◽  
M. Devineni ◽  
Sushil Vegad ◽  
...  
Keyword(s):  
Access Control ◽  
Full Range ◽  
Coarse Grained ◽  
Role Based Access Control ◽  
Security Model ◽  
Web Portals ◽  
Web Based ◽  
Fine Grained ◽  
Role Based ◽  
The Look

Collaborative portals are emerging as a viable technology to allow groups of individuals to easily author, create, update, and share content via easy-to-use Web-based interfaces, for example, MediaWiki, Microsoft’s Sharepoint, and so forth. From a security perspective, these products are often limited and coarse grained in their authorization and authentication. For example, in a Wiki, the security model is often at two ends of the spectrum: anonymous users with no authorization and limited access via read-only browsing vs. registered users with full-range of access and limited oversight in content creation and modification. However, in practice, such full and unfettered access may not be appropriate for all users and for all applications, particularly as the collaborative technology moves into commercial usage (where copyright and intellectual property are vital) or sensitive domains such as healthcare (which have stringent HIPAA requirements). In this chapter, we report on our research and development effort of a role-based access control for collaborative Web portals that encompasses and realizes security at the application level, the document level (authoring and viewing), and the look-and-feel of the portal itself.

Improving the Information Security of Collaborative Web Portals via Fine-Grained Role-Based Access Control

2010 ◽  
pp. 430-448
Author(s):  
S. Demurjian ◽  
H. Ren ◽  
S. Berhe ◽  
M. Devineni ◽  
Sushil Vegad ◽  
...  
Keyword(s):  
Access Control ◽  
Full Range ◽  
Coarse Grained ◽  
Role Based Access Control ◽  
Security Model ◽  
Web Portals ◽  
Web Based ◽  
Fine Grained ◽  
Role Based ◽  
The Look

Collaborative portals are emerging as a viable technology to allow groups of individuals to easily author, create, update, and share content via easy-to-use Web-based interfaces, for example, MediaWiki, Microsoft’s Sharepoint, and so forth. From a security perspective, these products are often limited and coarse grained in their authorization and authentication. For example, in a Wiki, the security model is often at two ends of the spectrum: anonymous users with no authorization and limited access via readonly browsing vs. registered users with full-range of access and limited oversight in content creation and modification. However, in practice, such full and unfettered access may not be appropriate for all users and for all applications, particularly as the collaborative technology moves into commercial usage (where copyright and intellectual property are vital) or sensitive domains such as healthcare (which ushave stringent HIPAA requirements). In this chapter, we report on our research and development effort of a role-based access control for collaborative Web portals that encompasses and realizes security at the application level, the document level (authoring and viewing), and the look-and-feel of the portal itself.

scholarly journals Secure Outsourced Medical Data against Unexpected Leakage with Flexible Access Control in a Cloud Storage System

2020 ◽  
Vol 2020 ◽  
pp. 1-20
Author(s):  
Xingguang Zhou ◽  
Jianwei Liu ◽  
Zongyang Zhang ◽  
Qianhong Wu
Keyword(s):  
Access Control ◽  
Medical Records ◽  
Cloud Storage ◽  
Storage System ◽  
Role Based Access Control ◽  
Security Model ◽  
Access Policy ◽  
Fine Grained ◽  
Privacy Leakage ◽  
Role Based

The application of cloud storage system has been deployed widely in recent years. A lot of electronic medical records (EMRs) are collected and uploaded to the cloud for scalable sharing among the authority users. It is necessary to guarantee the confidentiality of EMRs and the privacy of EMR owners. To achieve this target, we summarize a series of attack behaviors in the cloud storage system and present the security model against many types of unexpected privacy leakage. Privacy of unassailed EMRs is guaranteed in this model, and the influence of privacy leakage is controlled in a certain scope. We also propose a role-based access control scheme to achieve flexible access control on these private EMRs. One can access medical records only if his/her role satisfies the defined access policy, which implies a fine-grained access control. Theoretical and experimental analyses show the efficiency of our scheme in terms of computation and communication.

A Fine-Grained Access Control Approach for Parts Resource Sharing

2014 ◽  
Vol 722 ◽  
pp. 159-163
Author(s):  
Li He ◽  
Wen Lei Sun
Keyword(s):  
Access Control ◽  
Resource Sharing ◽  
Role Based Access Control ◽  
Web Based ◽  
Control Approach ◽  
Fine Grained ◽  
Resource Information ◽  
Data Object ◽  
Access Control Models ◽  
Role Based

To meet users’ actual demands for fine-grained access control (FGAC) to data object in web-based parts resource sharing platform, a FGAC approach for parts resource sharing is proposed to enable both the providers and administrators to manage the permissions of parts resource jointly. In this approach, all levels of detail (LODs) are introduced in the part resource information firstly. Then, a role-based access control model for parts resource sharing, called RBAC_PRS, is provided on the basic of RBAC (Role-Based Access Control) and O-RBAC (Owners-Based Access Control) models, and the permission administration policy is also formulated in condition of the separation between ownership and usufruct of parts resource. To provide the better authorization route, two middle layers: function sets and component sets, are added in permission-role assignment process, and each role’s assignment rules are explicitly specified in an XSLT style sheet. Furthermore, an XML-XSLT based approach is adopted to accomplish the diversity expression of user-accessible view based on FGAC. And it could ensure to practice the web-based knowledge sharing system safely.

Security in E-Health Applications

2011 ◽  
pp. 104-119
Author(s):  
Snezana Sucurovic
Keyword(s):  
Access Control ◽  
Heterogeneous Systems ◽  
Role Based Access Control ◽  
Health Care Information ◽  
Web Based ◽  
Privilege Management ◽  
Electronic Healthcare Record ◽  
Health Care Information Systems ◽  
Care Information ◽  
Role Based

This chapter presents security solutions in integrated patient-centric Web-based health-care information systems, also known as electronic healthcare record (EHCR). Security solutions in several projects have been presented and in particular a solution for EHCR integration from scratch. Implementations of Public key infrastructure, privilege management infrastructure, role based access control and rule based access control in EHCR have been presented. Regarding EHCR integration from scratch architecture and security have been proposed and discussed. This integration is particularly suitable for developing countries with wide spread Internet while at the same time the integration of heterogeneous systems is not needed. The chapter aims at contributing to initiatives for implementation of national and transnational EHCR in security aspect.

Security in E-Health Applications

2011 ◽  
pp. 1949-1964
Author(s):  
Snezana Sucurovic
Keyword(s):  
Access Control ◽  
Heterogeneous Systems ◽  
Role Based Access Control ◽  
Health Care Information ◽  
Web Based ◽  
Privilege Management ◽  
Electronic Healthcare Record ◽  
Health Care Information Systems ◽  
Care Information ◽  
Role Based

This chapter presents security solutions in integrated patient-centric Web-based health-care information systems, also known as electronic healthcare record (EHCR). Security solutions in several projects have been presented and in particular a solution for EHCR integration from scratch. Implementations of Public key infrastructure, privilege management infrastructure, role based access control and rule based access control in EHCR have been presented. Regarding EHCR integration from scratch architecture and security have been proposed and discussed. This integration is particularly suitable for developing countries with wide spread Internet while at the same time the integration of heterogeneous systems is not needed. The chapter aims at contributing to initiatives for implementation of national and transnational EHCR in security aspect.

scholarly journals Hybrid Role and Attribute Based Access Control Applied in Information Systems

2021 ◽  
Vol 21 (3) ◽  
pp. 85-96
Author(s):  
Maria Penelova
Keyword(s):  
Information Systems ◽  
Access Control ◽  
Accounting Information ◽  
Role Based Access Control ◽  
Accounting Information System ◽  
Fine Grained ◽  
Proposed Model ◽  
Control Scheme ◽  
Attribute Based Access Control ◽  
Role Based

Abstract It this paper it is proposed a new access control model – Hybrid Role and Attribute Based Access Control (HRABAC). It is an extension of Role-Based Access Control (RBAC). HRABAC is designed for information systems and enterprise software and combines the advantages of RBAC and Attribute-Based Access Control (ABAC). HRABAC is easy configurable, fine-grained and supports role hierarchies. The proposed model HRABAC describes the access control scheme in Laravel package laravelroles/rolespermissions, which is developed by the author of the paper, as an answer to the requirements of practice of fine-grained and easy configurable access control solution. Laravel is chosen, because it is the most popular and the most widely used PHP framework. The package laravelroles/rolespermissions is developed on Laravel so that maximum number of programmers could use it. This package contains working and tested functionalities for managing users, roles and permissions, and it is applied in accounting information system.

Deploying Privacy Improved RBAC in Web Information Systems

2011 ◽  
Vol 4 (2) ◽  
pp. 70-87
Author(s):  
Ioannis Mavridis
Keyword(s):  
Information Systems ◽  
Access Control ◽  
System Development ◽  
Security And Privacy ◽  
Just In Time ◽  
Role Based Access Control ◽  
Fine Grained ◽  
Web Information ◽  
Web Information Systems ◽  
Role Based

Access control technology holds a central role in achieving trustworthy management of personally identifiable information in modern information systems. In this article, a privacy-sensitive model that extends Role-Based Access Control (RBAC) to provide privacy protection through fine-grained and just-in-time access control in Web information systems is proposed. Moreover, easy and effective mapping of corresponding components is recognized as an important factor for succeeding in matching security and privacy objectives. Such a process is proposed to be accomplished by capturing and modeling privacy requirements in the early stages of information system development. Therefore, a methodology for deploying the mechanisms of an access control system conforming to the proposed Privacy Improved Role-Based Access Control (PIRBAC) model is presented. To illustrate the application of the proposed methodology, an application example in the healthcare domain is described.

Sign in / Sign up

Export Citation Format

Share Document