CSAP - an adaptable security module for the e-government system Webocrat

IFIP Advances in Information and Communication Technology

Volumn 122, Issue , 2003, Pages 301-312

  Dridi, Fredj ^a   Fischer, Michael ^a   Pernul, Günther ^a  

^a UNIVERSITY OF REGENSBURG   (Germany)

Author keywords

Adaptable security systems; Role based access control (RBAC); Security architecture and services; Software design

Indexed keywords

AUTHENTICATION; OBJECT ORIENTED PROGRAMMING; SOFTWARE DESIGN;

APPLICATION DEVELOPERS; CONCEPTUAL ARCHITECTURE; E-GOVERNMENT SYSTEMS; OBJECT-ORIENTED IMPLEMENTATION; PROGRAMMING INTERFACE; ROLE-BASED ACCESS CONTROL; SECURITY ARCHITECTURE; SECURITY MANAGEMENT;

GOVERNMENT DATA PROCESSING;

EID: 84904278815     PISSN: 18684238     EISSN: None     Source Type: Book Series    
DOI: 10.1007/978-0-387-35691-4     Document Type: Conference Paper

References (16)

1. Booch, G., Rumbaugh, J., and Jacobson, I. (1999). The Unified Modeling Language Reference Manual. Addison Wesley.
2. Dridi, F. and Neumann, G. (2000). Managing security in the World Wide Web: Architecture, services, and techniques. In Janczewski, L., editor, Internet and Intranet Security Management: Risks and Solutions, pages 106-139. Hershey PA: Idea Group Publishing.
3. Dridi, F., Pernul, G., and Sabol, T. (2001). The Webocracy project: Overview and security aspects. In Schnurr, H.-P., S. Stabb, R Studer, G. S., and Sure, Y., editors, Professionelles Wissensmanagement: Erfahrungen und Visionen, pages 401-408, Aachen, Germany. Shaker Verlag.
4. Ferraiolo, D., Sandhu, R, Gavrila, S., Kuhn, D., and Chandramouli, R. (2001). Proposed NIST standard for role-based access control. ACM Transactions on Information and Systems Security, 4(3):224-274.
5. Gamma, E., Helm, R, Johnson, R, and Vlissides, J. (1995). Design Patterns: Elements of Reusable Object-Oriented Software. Addison-Wesley.
6. Giuri, L. (1999). Role-based access control on the web using java. In Proceedings of the 4th ACM workshop on Role-based access control, pages 11-18, Fairfax, Virginia.
7. Gutzmann, K. (2001). Access control and session management in the http environment. IEEE Internet Computing, 5(1):26-35.
8. Joshi, J., Ghafoor, A., Aref, W., and Spafford, E. (2001). Digital government security infrastructure design challenges. Computer, 34(2).
9. Lai, C., Gong, L., Koved, L., Nadlin, A., and Schemers, R. (1999). User authentication und authorization in the java platform. In Proceedings of the 15th Annual Computer SecuTity Application Conference, pages 285-290, Phoenix, Arizona.
10. Lambrilloudakis, C., Gritzalis, S., Dridi, F., and Pernul, G. (2002). Security requirements for e-governmellt services: A methodological approach for developing a common PKI- based security policy. Comupter Communications, Special Issue on PKI.
11. Paralic, J. and Sabol, T. (2001). Implementation of e-government using knowledge based system. In Proc. of the 2nd Int. Workshop on Electronic Government within DEXA 2001, pages 364-368, Munich, Germany.
12. Paralic, J., Sabol, T., and Mach, M. (2002). A system to support e-democracy. In Proc. of the 1st eGovernment Conference within DEXA2002, pages 288-291, Aixen-Provence, France.
13. Park, J., Sandhu, R, and Ahn, G. (2001). Role-based access control on the web. ACM Transactions on Information and Systems Security, 4(1).
14. Samar, V. and Lai, C. (1996). Making login services independent of authentication technologies. In Proceedings of the 3rd ACM Conference on Computer Communications and Security.
15. Wahl, M., Howes, T., and Kille, S. (1997). Lightweight directory access protocol (v3). RFC 2251, Standards Track.
16. th Annual Working Conference on Information Security: Information Security for Global Infonnation Infrastructures, pages 491-500, Beijing, China.