Access control in e-Commerce applications by using state machines
Journal Title: Romanian Journal of Human - Computer Interaction - Year 2008, Vol 1, Issue 2
Abstract
The paper addresses a particular domain of authorization and proposes the SCAR-ACE model for role-based access control in e-Commerce applications. Nowadays, there is an increasing number of Web applications that require authorization decisions. These applications include (but are not limited to) e-Commerce applications, management and sharing of distributed resources, execution of downloaded code, etc. Authorizing these kinds of applications is significantly different from authorizing centralized systems, and even from authorizing relatively small distributed systems. E-Commerce applications are becoming increasingly complex, requiring access to heterogeneous resources of users in different roles. Access control in e-Commerce applications is an important subject of current scientific research. The current work proposes a safe model for role-based access control without using cookies. The proposed model allows access to system resources only for authorized users. In order to determine the flow and to control access to the resources in a distributed application, the notion of a role is introduced as an intermediary between a user and its permissions. Each role has an attached set of permissions (or privileges) to access the resources and operations. The model is validated by a set of tests and by experimental results.
Authors and Affiliations
Mihaela Ordean, Dorian Gorgan