TY - JOUR
T1 - A security policy framework for context-aware and user preferences in e-services
AU - Sliman, Layth
AU - Biennier, Frédérique
AU - Badr, Youakim
PY - 2009/4
Y1 - 2009/4
N2 - In today's dynamic and distributed markets a large spectrum of services is delivered through information and communication technologies. Emerging markets of e-services lie at the intersection of non-traditional user behaviour, and cyber-partnerships of enterprises to deliver innovative services. Current approaches to manage and control security demonstrate lacks in terms of security policy matching and integration in heterogeneous e-service environments. In this paper, we introduce a framework to support role-based access control for distributed services focusing on the integration of customer preferences. The framework aims to collect and generate policy-based security measures in cross-organisational scenarios. In addition to catering to specifications of security and business policies, the ability to integrate contextual information and user preferences make the role-based framework flexible and express a variety of access policies that provide a just-in-time permission activation.
AB - In today's dynamic and distributed markets a large spectrum of services is delivered through information and communication technologies. Emerging markets of e-services lie at the intersection of non-traditional user behaviour, and cyber-partnerships of enterprises to deliver innovative services. Current approaches to manage and control security demonstrate lacks in terms of security policy matching and integration in heterogeneous e-service environments. In this paper, we introduce a framework to support role-based access control for distributed services focusing on the integration of customer preferences. The framework aims to collect and generate policy-based security measures in cross-organisational scenarios. In addition to catering to specifications of security and business policies, the ability to integrate contextual information and user preferences make the role-based framework flexible and express a variety of access policies that provide a just-in-time permission activation.
UR - http://www.scopus.com/inward/record.url?scp=63649103385&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=63649103385&partnerID=8YFLogxK
U2 - 10.1016/j.sysarc.2008.12.001
DO - 10.1016/j.sysarc.2008.12.001
M3 - Article
AN - SCOPUS:63649103385
SN - 1383-7621
VL - 55
SP - 275
EP - 288
JO - Journal of Systems Architecture
JF - Journal of Systems Architecture
IS - 4
ER -