A security policy framework for context-aware and user preferences in e-services

Layth Sliman, Frédérique Biennier, Youakim Badr

Research output: Contribution to journalArticlepeer-review

15 Scopus citations


In today's dynamic and distributed markets a large spectrum of services is delivered through information and communication technologies. Emerging markets of e-services lie at the intersection of non-traditional user behaviour, and cyber-partnerships of enterprises to deliver innovative services. Current approaches to manage and control security demonstrate lacks in terms of security policy matching and integration in heterogeneous e-service environments. In this paper, we introduce a framework to support role-based access control for distributed services focusing on the integration of customer preferences. The framework aims to collect and generate policy-based security measures in cross-organisational scenarios. In addition to catering to specifications of security and business policies, the ability to integrate contextual information and user preferences make the role-based framework flexible and express a variety of access policies that provide a just-in-time permission activation.

Original languageEnglish (US)
Pages (from-to)275-288
Number of pages14
JournalJournal of Systems Architecture
Issue number4
StatePublished - Apr 2009

All Science Journal Classification (ASJC) codes

  • Software
  • Hardware and Architecture


Dive into the research topics of 'A security policy framework for context-aware and user preferences in e-services'. Together they form a unique fingerprint.

Cite this