Extended Role Access Control Model for Web Applications Based on Path Hierarchy

Full text (.pdf)
Issue
Authors
Kononov, Dmitry D.; Isaev, Sergey V.
Contact information
Kononov, Dmitry D.: Institute of Computational Modeling of SB RAS 50/44 Akademgorodok Str., Krasnoyarsk, 660036, Russia; ; Isaev, Sergey V.: Institute of Computational Modeling of SB RAS 50/44 Akademgorodok Str., Krasnoyarsk, 660036, Russia;
Keywords
security models; access control; web applications
Abstract

Web applications security is a complex problem with several aspects. One aspect is access control according to specified security policy. Access control is accomplished by security model restrictions. This research is dedicated to developing security access control model for web applications. This work describes path-based RBAC model, which improves RBAC and allows flexible access control using request path (URI). Authors created guidelines to apply model’s elements for real-world web applications. Developing web applications with model described allows reducing security risks

Pages
748-754
Paper at repository of SibFU
https://elib.sfu-kras.ru/handle/2311/109145