Access control in e-Commerce applications by using state machines

Journal Title: Romanian Journal of Human - Computer Interaction - Year 2008, Vol 1, Issue 2

Abstract

The paper addresses a particular domain of authorization and proposes the SCAR-ACE model for role-based access control in e-Commerce applications. An increasing number of Web applications require authorization decisions. These applications include, but are not limited to, e-Commerce applications, management and sharing of distributed resources, and execution of downloaded code. Authorization in these kinds of applications differs significantly from that in centralized systems and even from that in relatively small distributed systems. E-Commerce applications are becoming increasingly complex, requiring access to heterogeneous resources by users in different roles. Access control in e-Commerce applications is an important subject of current scientific research. The current work proposes a safe model for role-based access control without using cookies. The proposed model allows access to system resources only for authorized users. In order to determine the flow and to control access to the resources in a distributed application, the notion of role is introduced as an intermediary between a user and its permissions. Each role has an attached set of permissions (or privileges) to access the resources and operations. The model is validated by a set of tests and by experimental results.

Authors and Affiliations

Mihaela Ordean, Dorian Gorgan

How To Cite

Mihaela Ordean, Dorian Gorgan (2008). Access control in e-Commerce applications by using state machines. Romanian Journal of Human - Computer Interaction, 1(2), -. https://europub.co.uk/articles/-A-28750