Designing secure e‐commerce with role‐based access control
Author: Yang, Cungang
Source: International Journal of Web Engineering and Technology, Volume 3, Number 1, 1 December 2006 , pp. 73-95(23)
Publisher: Inderscience Publishers
Abstract:In this paper, an Object‐Oriented Role‐Based Access Control (ORBAC) model for e‐commerce is introduced. Based on the model, an efficient method for managing ORBAC security policies using eXtensible Markup Language (XML) and a role assignment algorithm are presented. The proposed method using digital credentials and an XML‐based security policy greatly simplifies security policy administration for e‐commerce. Also, an implementation of e‐commerce applications is described. Unlike most existing approaches, with our approach the authorisation is independently defined and is separated from implementation mechanisms.
Document Type: Research Article
Affiliations: Department of Electrical and Computer Engineering, Ryerson University, Toronto, Ontario M5B 2K3, Canada
Publication date: December 1, 2006