Abstract
Web-based systems like enterprise and e-government portals place special requirements on information security. Today’s portal platforms provide some security functionality, mainly aimed at supporting single sign-on for the underlying applications. We argue that single sign-on is not sufficient; rather, a mature security service is needed as a central authorization instance. As access control is needed on different levels of a portal architecture, only this allows an integrated approach to security management. We present CSAP (Communication Security, Authentication, and Privacy), a flexible security system for enterprise and e-government portals. CSAP was originally developed within the EU-funded research project “Webocracy”. Meanwhile, various enhancements to CSAP have been made, which are discussed in this paper. The major enhancement is a Metadata-based Access Control facility (MBAC), which allows more flexibility in highly open and heterogeneous systems. We use CSAP within two portal prototypes, one in an enterprise and one in an e-government context, which are presented as case studies.
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Priebe, T., Muschall, B., Dobmeier, W., Pernul, G. (2004). A Flexible Security System for Enterprise and e-Government Portals. In: Galindo, F., Takizawa, M., Traunmüller, R. (eds) Database and Expert Systems Applications. DEXA 2004. Lecture Notes in Computer Science, vol 3180. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30075-5_85
DOI: https://doi.org/10.1007/978-3-540-30075-5_85
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-22936-0
Online ISBN: 978-3-540-30075-5
eBook Packages: Springer Book Archive