Journal of Siberian Federal University. Engineering & Technologies / Extended Role Access Control Model for Web Applications Based on Path Hierarchy

Full text (.pdf)
Issue
Journal of Siberian Federal University. Engineering & Technologies. 2018 11 (7)
Authors
Kononov, Dmitry D.; Isaev, Sergey V.
Contact information
Kononov, Dmitry D.: Institute of Computational Modeling of SB RAS 50/44 Akademgorodok Str., Krasnoyarsk, 660036, Russia; ; Isaev, Sergey V.: Institute of Computational Modeling of SB RAS 50/44 Akademgorodok Str., Krasnoyarsk, 660036, Russia;
Keywords
security models; access control; web applications
Abstract

Web applications security is a complex problem with several aspects. One aspect is access control according to specified security policy. Access control is accomplished by security model restrictions. This research is dedicated to developing security access control model for web applications. This work describes path-based RBAC model, which improves RBAC and allows flexible access control using request path (URI). Authors created guidelines to apply model’s elements for real-world web applications. Developing web applications with model described allows reducing security risks

Pages
748-754
Paper at repository of SibFU
https://elib.sfu-kras.ru/handle/2311/109145

Creative Commons License This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License (CC BY-NC 4.0).