Role-based Access Control in Online Authoring and Publishing Systems vs. Document Hierarchy
|
|
- Richard Franklin
- 8 years ago
- Views:
Transcription
1 Role-based Access Control in Online Authoring and Publishing Systems vs. Document Hierarchy Z. Zhang, E. Haffner, A. Heuer, T. Engel, Ch. Meinel Institute for Telematics Bahnhofstr , Trier, Germany Tel.: {zhang, haffner, heuer, engel, meinel}@ti.fhg.de ABSTRACT How to structure diverse (documentation) information sources of an enterprise and how to arrange a workflow with access control are two important issues for online authoring and publishing systems. Aim of this paper is to describe a solution for both problems, which is based on department structure, subject areas, and roles in an enterprise. Our approach will be introduced by presenting the DAPHNE system. DAPHNE provides possibilities to support collaborative authoring on a document hierarchy that reflects the diverse branches of an enterprise s organization structure and allows diverse (documentation) information sources of an enterprise to be well structured. The role-based access control (RBAC) mechanism implemented within DAPHNE is supported by the document hierarchy as well. Keywords Online authoring and publishing, role-based access control, RBAC, document hierarchy, workflow, Web authoring system 1. INTRODUCTION Distributed online authoring and publishing in enterprises has gained more and more importance in the last few years [5, 11]. The Internet, in particular the World-Wide Web, has provided the infrastructure that is needed for its realization. Now it is possible for users to perform online collaborative authoring directly from their workplace [6, 7]. However, two distinct issues have to be investigated for Web-based authoring systems in enterprises. 1. How to model/structure a large amount of diverse (documentation) information sources of an enterprise; 2. How to arrange the workflow with reasonable access control for viewing and editing such information sources. At the Institute for Telematics, Trier, Germany we have developed a Web-based online authoring and publishing system - DAPHNE (Distributed Authoring and Publishing in a Hypertet and Networked Environment). DAPHNE, as its name already implies, is a distributed collaborative authoring and publishing tool [5, 14]. DAPHNE offers the following interesting features: 1. DAPHNE differs from other approaches or other Web authoring publishing systems by under most circumstances - employing strictly standardized and open hypertet technology [8, 15]. Components that incorporate standard applications such as word processors or Internet services into DAPHNE have been developed; 2. Authoring and publishing of multilingual documents is supported by DAPHNE; 3. DAPHNE allows the structuring of various information sources by employing a structural element, e.g. subject headings. 4. DAPHNE offers a workflow with access control: various roles are supported by DAPHNE and each role is assigned with a fied set of actions, for instance, content eaminers can eamine and approve documents, a webmaster can publish documents to the Internet, and so on. By means of assigning actions and subject headings to roles an efficient workflow system with access control mechanism has been built; 5. DAPHNE can assure a standard layout for all documents of a website; 6. DAPHNE supports metadata (metatags) management; 7. High system openness: DAPHNE is designed to work with documents in any formats and for multiple purposes (web publishing, document management); 8. High fleibility: users can use any software they prefer to process contents of documents, which are managed by DAPHNE. As already mentioned above, an important issue for online authoring and publishing system is to arrange workflow with reasonable access control for viewing and editing such information sources. The aim is to support the collaborative authoring and publishing and to assure furthermore both, a secure documentation process and the quality of documents. The implementation is based on the WWW platform. In the following sections we will describe the problems we encountered as well our approach to solve the problems.
2 2. PROBLEM ANALYSIS: ACCESS CONTROL ON THE WEB Web authoring and publishing in enterprises can be a very comple process and many people are involved. Access control in a distributed collaborative online system has several aspects at different levels: 1. To only allow legal users to work with the system (authentication); 2. To support different roles to work with the system securely (authorization); 3. To support different implementations of the same role type to work with the system securely (authorization); Beside these aspects, there are other aspects, for instance, secure data transfer. The scenario described below can help to understand those security aspects of an online authoring and publishing system: In order to build a website of a big enterprise, many people must participate. They will work all together with the system, but with different tasks on the one hand and responsibility for different areas on the other hand. To allow people to work with the system directly from their workplaces, the system will be run on an Intranet or on the Internet. To prevent illegal access to the system (by the staff or other users), an access control mechanism should be available. That is, each user must be registered. People can have different tasks within the system (different role types), for instance, in an online authoring system there may be authors who write the documents, directors who eamine the contents of those documents, and webmasters who publish the documents, layout designers who determine the layout of those documents. In the system, an authorization mechanism should be available in order to prevent, for eample, an author from illegally performing tasks of directors. People (authors, content eaminers,...) are often only responsible for defined areas, for eample, authors and department directors only for their own departments. Likewise, an authorization mechanism should be available in the system in order to prevent, for eample, an author from trying to illegally edit documents of another area. Webserver programs provide already authentication and authorization mechanisms. For a Web-based authoring and publishing system, the webserver can meet the needs of access control at the first two levels easily. However, it can be very cumbersome to meet the need of access control at the third level, as Ferraiolo, Barkley, and Kuhn [1] wrote: Web server administrators usually control user access to enterprise published documents through creation and maintenance of access control lists (ACLs) on a serverby-server basis. ACLs specify, for each protected resource, a list of named individuals, or groups composed of individual users, with their respective modes of access to that object. This use of ACLs is problematic for a variety of reasons. ACLs are tied to particular objects. As such, they are appropriate for discretionary need-to-know policies, where ownership of objects resides with the end user. In more detail: in order to reach the 3. level access control, the following work should be done: 1. to make each possible departmental area or subject field (together in DAPHNE: subject heading) to be able to be associated with the ACLs, for eample, by establishing a directory for each possible area or field; 2. specify each role for areas or fields that they are responsible for on the Web server. It is obviously very difficult to reach the third level of access control, especially when the following factors are considered as well: there may be lots of areas / fields (subject headings), they may also grow constantly, there are often needs to change the association between users and areas / fields (subject headings). In order to build a fleible access control mechanism, a rolebased access control mechanism with an etension associated with the document hierarchy has been built in DAPHNE. In section 3 of this paper the basic role-based access control mechanism will be shown. The etension to document hierarchy will be shown in section RBAC IMPLEMENTATION WITHIN DAPHNE 3.1 Role-based Access Control To support collaborative work, a workflow and access control mechanism is very useful. Access control can be used both to restrict access to information and functionality in the shared environment to those authorized and to help coordination by providing only those functions to users that are currently needed to fulfil their role [12]. Lots of researches on role-based access control have been reported [1, 10, 12]. Roles and actions or permissions (to perform an action) are two basic elements of both workflow management system [13] and role-based access control system [1]. Since RBAC is primarily a nondiscretionary access control model and does not permit users to be directly associated with permissions, two different types of associations play a key role for building a role-based access control mechanism. They are: 1. associations between permissions and roles, that means, permissions are authorized for roles, and 2. associations between roles and users, that means, roles are authorized for users. By means of managing the two types of associations, a rolebased access control system can be managed efficiently. Ferraiolo, Barkley, and Kuhn [1] wrote:... when administering RBAC, two different types of associations must be managed: associations between users and roles and associations between roles and permissions. When a user s job position changes, only the user/role association change. If the job position is
3 represented by a single role, then, when a user s job position changes, there are only two user/role associations to change: remove the association between the user and the user s current role and add an association between the user and the user s new role. In our case, that is an online authoring and publishing system, since there may be a great amount of departments, areas or fields - we call them together subject headings within DAPHNE, a great amount of jobs can result in definitions of roles for each subject heading. This means two types of associations are not yet enough for the Web authoring and publishing system. As will be shown in a later section of the paper, another type of associations has been employed within DAPHNE, i.e., associations between roles and subject headings. By introduction of this type of associations, jobs of definition of roles have been reduced within DAPHNE. 3.2 DAPHNE Implementation According to our analysis of the requirements for access control and quality assurance in the enterprise s documentation process, the following roles are distinguished with in DAPHNE: 1. authors, 2. content eaminers, 3. publishers, and 4. system administrators (layout manager / information architect). There can be multi-level content eaminers depending on demand, for instance, an enterprise may request for a four-eye concept, while another may request for a si-eye concept. In addition, layout manager, information architect and database/system administrator have been defined as one role. If necessary, they can also be defined separately. Within DAPHNE actions or permissions (to perform actions) have been separated for accomplishing the whole process of online authoring and publishing. Basic actions include: inserting documents, viewing documents, editing / modifying / updating documents, deleting documents, document content eamination, layout definition, definition of subject headings. After having separated and defined roles and permissions within DAPHNE, the two types of associations are defined. Tab. 1 shows the associations between roles and permission: document creation and/or check-in into DAPHNE document modification document removal metadata editing search document replacement Author Content eaminer Webmaster/ publishers System administrator document or website preview layout definition Web structure definition document approval / content eamination (accept or refuse) static HTML based website generation further system administration (add new users, assign subject headings to users, etc.) () Tab. 1: Role-action relationships within DAPHNE Thus, permissions (actions within DAPHNE) are authorized to roles within DAPHNE. The realization of associations between users and roles is supported by means of ACLs: within DAPHNE, all actions of a role are bundled within a CGI directory of the Web server, i.e. each CGI-directory corresponds to a role. By adding a user to the ACL of this directory, the role is authorized for the user. Each document in DAPHNE possesses several possible statuses, which will be changed by actions of users. For instance, as employed by an international bank, DAPHNE supports four status groups of documents as shown below: locked; free; eported; published. If a document is still being edited, it is "locked". An author can set the status of the document to be "free", if he/she finishes the editing. A content eaminer can either "eport" or "lock" the document depending on his/her opinion. After another round of content eamination, the document can be "published". Thus, roles and their permissions described above can cause a
4 workflow for online authoring and publishing in the enterprise. For instance, authors that insert new documents send an "accept" permission for those documents to roles that are in the hierarchy directly above (i.e. content eaminers). Every user with the permissions of that role can accept or refuse to "further work" with the respective document. An accept message of a user with the highest role permission (the final content eaminer or publisher) leads to a new, official document of the enterprises website. However, there is still one issue to be dealt with, i.e., the secure documentation: users are usually only responsible for some subject headings and should not have permissions to perform actions on documents of other subject headings. To solve this problem, DAPHNE employs another association, the association between users and subject headings. 4. DOCUMENT HIERARCHY AS A COMPLEMENTARY ELEMENT FOR RBAC 4.1 Document Hierarchy within DAPHNE Well-structured hypertets can assure high usability [2, 3, 4, 8]. When a website is constructed in an enterprise organization, it is common that the department / area structure of the enterprise or organization is used as the basic structural element for building the elementary structure of the website. However, research results show that this approach has disadvantages, as noted by Jakob Nielsen in his foreword for [9]. In order to improve the usability of websites, the enterprise structure can be complemented by subject areas/headings within DAPHNE. Together they build the subject fields of DAPHNE. Subject headings build a document hierarchy for the website to be built. DAPHNE assumes a tree structure depending on different departments and subject areas in the enterprise documentation set. (See Fig. 1) Enterprise - documentation root Departement 1 Departement 2 Departement... Departement n Documents Area 1.1 Area... Area m 1 Documents Area 2.1 Area... Area m 2 Documents... Leaf-level: Doc 1 Doc... Doc m r Fig. 1: Tree structure based on departments and subject areas in the enterprise Each subject field contains correspondent documents which can be entered by users. Users can also select documents as socalled cover-pages for subject fields. Within DAPHNE, the content and layout of a document are managed separately. The layout of a subject field can be defined and will be used for all documents of this subject field. In this way, an automatic layout mechanism that includes the navigational structure that is based on the subject fields and supports a standard layout has been built. On the other hand, the subject fields used in DAPHNE are also structural elements of the hypertet system: they are both containers of documents and are structural elements of whole web pages (hypertet). In other words, the subject fields in DAPHNE are just like the composite units in some hypertet
5 systems [4], but with etended functions (they can also contain documents). Based on them, a large amount of documents will be managed efficiently, and the navigation structure will be built. As these subject fields are a miture of departments / areas of an enterprise and (Web user-oriented) subjects headings, it is epected that high usability of the Web site constructed by DAPHNE will be achieved. Every area can consist of several sub-areas and/or leaf documents. Two advantages arise out of an idea of putting areas and documents in a hierarchy. The first is that each document and area inherits the major characteristics of the parent-area. This could be information concerning the documentation classification, the layout or content-dependencies. The second advantage is the inheritance of access permissions by default to the users, as will be shown later. 4.2 Associations between Roles and Subject Headings In order to assure a secure documentation, there is a third type of associations, i.e., associations between users and subject headings within DAPHNE, in additions to the two basic associations of RBAC. In this way, the legal users of each subject fields are defined. In more detail, within DAPHNE, 1. Subject fields are authorized for users; 2. Implicitly, webmaster and administrators are associated with all subject headings; 3. System administrators (role type system administrator) cannot only insert new roles (role type author) but also insert or change the associations between roles and subject headings. The associations are maintained within the relational database which DAPHNE employs. Within DAPHNE, there is also a role hierarchy. On the leaflevel (role type: author) there are only basic permissions (actions) to allow the role to work with (contents of) documents directly, while every parent role has at least two high level permissions (actions): 1. accept (further working with) a document 2. refuse (further working with) a document. It should be mentioned again that system administrator, as the root role, can not only insert new roles but also insert or change the associations between roles and subject headings. We implemented the role hierarchy of the web documents for bank companies as: system administrator (root role) web-responsible (root role for document contents) departmental manager (middle role) author (leaf role) Within the workflow implemented in DAPHNE, each document may have several copies of itself - with different status - for different roles, i.e., for author(s), for content eaminer(s) and publisher(s). Thus, the dynamic updating and collaborative authoring of a working document can be achieved. 4.3 Benefits of Our Approach All author-roles of the department can access all documents, but they can only edit the ones they have inserted. The same role can belong to several members of the according department, so that there should not arise any difficulties when an employee falls sick or goes on holiday. The departmental manager is responsible (and he/she has of course all permissions needed) for the whole area-path below the department edge. Different roles for a specific area build a virtual team for this subject headings covering the whole authoring and publishing workflow from the beginning of inserting / editing documents to the final publishing. This assures the collaborative authoring. Within DAPHNE, the subject / document hierarchy is also used to build a browseable-navigation dynamically. The subject / document hierarchy can both be used for publishing internal documentation and providing a base for the web pages of a company. In our approach, subject headings are basic elements for access control: first, the legal users of each area are determined by means of assigning areas to roles. Secondly, subject headings (and their documents) can be assigned different access statuses for end users, for instance, in order to form an Intranet web site and an Internet web site. Generally speaking, the definition of roles within DAPHNE has been made very fleible. 5. CONCLUDING REMARKS AND FUTURE WORK In summary, a workflow system with access control is essential and very useful for online authoring and publishing systems in enterprises. Our eperiences have shown that such a workflow can be built efficiently based on the department and branch structure of an enterprise with complementation of web useroriented subject areas, i.e., the subject headings of DAPHNE. Our approach assures that a large number of online documents will be organized in a well-structured document hierarchy, and content/layout quality assurance as well as an achievement of secure documentation. We have shown that RBAC is very useful for building the access control mechanism in the workflow of an online authoring system as well as the big interest of associating users with subject headings. On the other hand, to make this mechanism more powerful, there are still several things to be done. Up to now, associations between subject headings and roles within DAPHNE can only be defined and modified by the role system administrator. This leads to the disadvantage that the document hierarchy or information structure is not very fleible. In order to get rid of this disadvantage, roles should be allowed to create subject headings freely, while the basic document hierarchy can be maintained. In addition, roles should be allowed to change the associations between subject headings and roles, too. Another type of associations, i.e., associations between documents (information object) and roles should be defined as well. This new type of associations will allow the owner of documents to associate other roles with permissions on those documents, for eamples, to allow other roles to perform actions, e.g. to modify or to remove the documents.
6 6. AKNOWLEDGEMENT This work is in part supported by the Stiftung Rheinland-Pfalz für Innovation, Germany. The authors would also like to thank the anonymous reviewers for the helpful suggestions and comments. 7. REFERENCES [1] Ferraiolo, D.F., Barkley, J.F., and Kuhn, D.R. A Role- Based Access Control Model and Reference Implementation within a Corporate Intranet. ACM Transactions of Information and System Security, 2(1) (1999), [2] Halasz, F.G. Reflections on Notecards: Seven issues for the net generation of hypermedia systems. Communication of ACM, 31 (7) (1988), [3] Halasz, F.G., and Schwartz, M. The Deter Hypertet Reference Model. Communication of ACM, 37(2) (1994), [4] Hammwöhner, R., and Kuhlen, R. Semantic control of open hypertet systems by typed objects. Journal of Information Science, 20(3) (1994), [5] Heuer, A., Zhang, Z., Engel, T., and Meinel. C. DAPHNE - Distributed Authoring and Publishing in a Hypertet and Networked Environment. In: Proceddings of the International Conference IuK99 - Dynamic Documents (Feb. 1999), Jena, Germany [6] Liu, C., Zhou, X., and Orlowska, M. Issues in workflow and Web-based workflow systems. In: Proceedings of the Asia Pacific Web Conference (APWeb98). World Wide Web: technologies and applications. (Beijing, China, 1998). Available at: [7] Miller, J., Palaniswami, D., Sheth, A., Kochut, K., and Singh., H. Webwork: Meteors web-based workflow management system. Journal of Intelligent Information Systems, 10(2) (1998) [8] Nürnberg, P.J., Wiil, U.K., and Leggett, J.J. "Structuring Facilities in Digital Libraries". In: Proceedings of the Second European Conference on Digital Libraries (ECDL 98). (1998), Available at: 8.pdf [9] Rosenfeld, L., and Morville, P. Information Architecture for the World Wide Web. Cambridge: O'Reily [10] Sandhu, R. and Samarati, P. Authentication, access control, and audit. ACM Comput. Surv., 28, 1, , 1996 [11] Streitz, N.A., Haake, J., Hannemann, J., Lemke, A., Schuler, W., Schütt, H., and Thüring, M.: SEPIA: A cooperative hypermedia authoring environment. In Proc. ECHT 92. Milano. ACM: New York, [12] Wang, W.: Team-and-Role-Based Organational Contect and Access Control for Cooperative hypermedia Environments. In Proceedings of Hypertet 99: Returning to our diverse roots (Darmstadt, Germany 1999). ACM Press, [13] Wodtke, D., Weissenfels, J., Weikum, G., and Dittrich, A.K. The Mentor Project: Steps Towards Enterprise-Wide Workflow Management. In: IEEE International Conference on Data Engineering. (New Orleans, 1996). Available at: [14] Zhang, Z. Heuer, A., Engel, T., and Meinel, C.: DAPHNE - A Distributed Tool for Web Authoring and Publishing. To appear in Proceedings of the Annual Conference of American Society of Information Science, ASIS 99, Washington D.C., Nov [15] sterbye, K., and Wiil, U.K.: The Flag Taonomy of Open Hypermedia Systems. Hypertet 96 (1996). ACM Press,
An Object Oriented Role-based Access Control Model for Secure Domain Environments
International Journal of Network Security, Vol.4, No.1, PP.10 16, Jan. 2007 10 An Object Oriented -based Access Control Model for Secure Domain Environments Cungang Yang Department of Electrical and Computer
More informationA Model for Context-dependent Access Control for Web-based Services with Role-based Approach
A Model for Context-dependent Access Control for Web-based Services with Role-based Approach Ruben Wolf, Thomas Keinz, Markus Schneider FhG Institute for Secure Telecooperation (SIT), 64293 Darmstadt,
More informationInter-domain authorization and delegation for business-to-business e-commerce.
Inter-domain authorization and delegation for business-to-business e-commerce. Pietro Michiardi and Refik Molva {First Name.Last Name}@eurecom.fr Institut Eurécom, 2229 Route des Crêtes BP 193 06904 Sophia-Antipolis
More informationAdvanced Techniques for Analyzing Web Server Logs
Advanced Techniques for Analyzing Web Server Logs Ernst-Georg Haffner, Uwe Roth, Andreas Heuer, Thomas Engel, Christoph Meinel Institute of Telematics Bahnhofstraße 30-32 D-54292 Trier, Germany Abstract
More informationComparing Simple Role Based Access Control Models and Access Control Lists. Abstract. 1 Introduction
Comparing Simple Role Based Access Control Models and Access Control Lists John Barkley National Institute of Standards and Technology Gait hersburg MD 20899 (301) 975-3346 j barkleyanist.gov Abstract
More informationCHAPTER 22 Database Security Integration Using Role-Based Access Control
CHAPTER 22 Database Security Integration Using Role-Based Access Control Sylvia Osborn Department of Computer Science, The University of Western Ontario London, Ontario, Canada, N6A-5B7 svlvia@csd.uwo.ca
More informationTerms and Definitions for CMS Administrators, Architects, and Developers
Sitecore CMS 6 Glossary Rev. 081028 Sitecore CMS 6 Glossary Terms and Definitions for CMS Administrators, Architects, and Developers Table of Contents Chapter 1 Introduction... 3 1.1 Glossary... 4 Page
More informationUser s Guide. Version 2.1
Content Management System User s Guide Version 2.1 Page 1 of 51 OVERVIEW CMS organizes all content in a tree hierarchy similar to folder structure in your computer. The structure is typically predefined
More informationACTIVE CONTENT MANAGER (ACM)
ITServices SSC007-3333 University Way Kelowna, BC V1V 1V7 250.807.9000 www.ubc.ca/okanagan/itservices ACTIVE CONTENT MANAGER (ACM) An Introduction March 8, 2007 Introduction.ppt 1 Overview Content Management
More informationSharePoint 2013 Site Owner and Power User Boot Camp SP31; 3 Days, Instructor-led
SharePoint 2013 Site Owner and Power User Boot Camp SP31; 3 Days, Instructor-led Course Description Users that have some basic knowledge of navigating a SharePoint site will find this class the perfect
More informationDocumentManagement. Consulting. Issue: 02/02/2004. jwconsulting GmbH Caspar-David-Friedrichstr. 7 69190 Walldorf Germany
DocumentManagement jw GmbH Caspar-David-Friedrichstr. 7 69190 Walldorf Germany Issue: 02/02/2004 GmbH, http://www.jwconsulting.de 1 of 6 05/30/2004 DocumentManagement The document management system developed
More informationAdministration of Access Control in Information Systems Using URBAC Model
JOURNAL OF APPLIED COMPUTER SCIENCE Vol. 19 No. 2 (2011), pp. 89-109 Administration of Access Control in Information Systems Using URBAC Model Aneta Poniszewska-Marańda Institute of Information Technology
More informationWebSecFrame - A Way to Improve Corporate Network Security
WebSecFrame - A Way to Improve Corporate Network Security Frank Losemann losemann@ti.fhg.de Christoph Meinel meinel@ti.fhg.de Institute for Telematics, Trier, Germany Phone: +49-651 975 51 60 Fax: +49-651
More informationDenodo Data Virtualization Security Architecture & Protocols
Denodo Data Virtualization Security Architecture & Protocols XLS Security Architecture & Protocols We include hereinafter a description of the security support in the Denodo Platform. The following diagram
More informationUniform Comparison of Data Models Using Containment Modeling
Uniform Comparison of Data odels Using Containment odeling E. James Whitehead, Jr. University of California, Santa Cruz Dept. of Computer Science Santa Cruz, CA 95064 +.83.459.227 ejw@cs.ucsc.edu ABSTRACT
More informationContent Management System User Guide
Content Management System User Guide Table Of Contents Getting Started Checklist... 1 Overview: Portal Content Management System... 3 Anatomy of a Portal Page... 3 Overview of the Content Management System...
More informationApplication of XML Tools for Enterprise-Wide RBAC Implementation Tasks
Application of XML Tools for Enterprise-Wide RBAC Implementation Tasks Ramaswamy Chandramouli National Institute of Standards and Technology Gaithersburg, MD 20899,USA 001-301-975-5013 chandramouli@nist.gov
More informationADMINISTRATOR GUIDE VERSION
ADMINISTRATOR GUIDE VERSION 4.0 2014 Copyright 2008 2014. All rights reserved. No part of this document may be reproduced or transmitted in any form or by any means electronic or mechanical, for any purpose
More informationCabarrus County SharePoint Governance
Cabarrus County SharePoint Governance Table of Contents Table of Contents... 2 Document Control... 3 Executive Summary... 3 Strategic Goals... 3 Roles and Responsibilities... 3 Operations and Support...
More informationMARAH: an RBAC model and its integration in a Web server
MARAH: an RBAC model and its integration in a Web server P. Díaz, D. Sanz & I. Aedo Departamento de Informática, Universidad Carlos III de Madrid Abstract Hypermedia systems, whether implemented as web
More informationMRBAC: Hierarchical Role Management and Security Access Control for Distributed Multimedia Systems
MRBAC: Hierarchical Role Management and Security Access Control for Distributed Multimedia Systems Na Zhao 1, Min Chen 2, Shu-Ching Chen 1, Mei-Ling Shyu 3 1 Distributed Multimedia Information System Laboratory
More informationVendor briefing Business Intelligence and Analytics Platforms Gartner 15 capabilities
Vendor briefing Business Intelligence and Analytics Platforms Gartner 15 capabilities April, 2013 gaddsoftware.com Table of content 1. Introduction... 3 2. Vendor briefings questions and answers... 3 2.1.
More informationMonitoring Web Browsing Habits of User Using Web Log Analysis and Role-Based Web Accessing Control. Phudinan Singkhamfu, Parinya Suwanasrikham
Monitoring Web Browsing Habits of User Using Web Log Analysis and Role-Based Web Accessing Control Phudinan Singkhamfu, Parinya Suwanasrikham Chiang Mai University, Thailand 0659 The Asian Conference on
More informationContent Manager User Guide Information Technology Web Services
Content Manager User Guide Information Technology Web Services The login information in this guide is for training purposes only in a test environment. The login information will change and be redistributed
More informationMake search become the internal function of Internet
Make search become the internal function of Internet Wang Liang 1, Guo Yi-Ping 2, Fang Ming 3 1, 3 (Department of Control Science and Control Engineer, Huazhong University of Science and Technology, WuHan,
More informationCompleteness, Versatility, and Practicality in Role Based Administration
Completeness, Versatility, and Practicality in Role Based Administration Slobodan Vukanović svuk002@ec.auckland.ac.nz Abstract Applying role based administration to role based access control systems has
More informationComponents- Based Access Control Architecture
Issue s in Informing Science and Information Technology Volume 6, 2009 Components- Based Access Control Architecture Adesina S. Sodiya and Adebukola S. Onashoga Department of Computer Science, University
More informationDocument Management In SAP Solution Manager Application Lifecycle Management
Document Management In SAP Solution Manager Application Lifecycle Management www.sap.com TABLE OF CONTENTS 1.0 Motivation... 3 2.0 Method and Prerequisites... 4 2.1 Document storage in SAP Solution Manager...
More informationQuality Assurance Plan
CloudSizzle : Quality Assurance Plan Quality Assurance Plan General info Changelog 1. Introduction 2. Quality goals and risks 3. Quality Assurance practices 3.1 Testing levels 3.2 Testing - 3.2.1 Test
More informationResearch and Implementation of Customizable Dynamic Website Management System
2012 International Conference on Education Technology and Computer (ICETC2012) IPCSIT vol.43 (2012) (2012) IACSIT Press, Singapore Research and Implementation of Customizable Dynamic Website Management
More informationThe Core Pillars of AN EFFECTIVE DOCUMENT MANAGEMENT SOLUTION
The Core Pillars of AN EFFECTIVE DOCUMENT MANAGEMENT SOLUTION Amanda Perran 6 Time MVP Microsoft SharePoint Server Practice Lead, SharePoint - Plato vts Microsoft Co-Author of Beginning SharePoint 2007
More informationBusiness 360 Online - Product concepts and features
Business 360 Online - Product concepts and features Version November 2014 Business 360 Online from Software Innovation is a cloud-based tool for information management. It helps you to work smarter with
More informationi-questionnaire A Software Service Tool for Data
i-questionnaire A Software Service Tool for Data Analysis in e-business 1 ANDY S.Y. LAI, 2 Y.C. POON 1, Department of Information and Communications Technology, Hong Kong Institute of Vocational Education,
More informationCONCEPTUAL MODELING OF LARGE WEB SITES
CONCEPTUAL MODELING OF LARGE WEB SITES Bernhard Strauch, Robert Winter Institute of Information Management, University of St. Gallen Mail: Mueller-Friedberg-Strasse 8, CH-9000 St. Gallen (Switzerland)
More informationImplement role based access control with attribute certificates
Implement role based access control with attribute certificates Wei Zhou Computer Science Department University of Trier D-54286 Trier, Germany zhouwei48@hotmail.com Christoph Meinel Computer Science Department
More informationA guide through the concepts of Serena Dimensions. René Steg Steg IT-Engineering, Zurich (Switzerland)
A guide through the concepts of Serena Dimensions René Steg Steg IT-Engineering, Zurich (Switzerland) Introduction About René Steg and Steg IT-Engineering Owner of Steg IT-Engineering since 2000 and contracted
More informationIntroduction to Computer Security
Introduction to Computer Security Access Control and Authorization Pavel Laskov Wilhelm Schickard Institute for Computer Science Resource access recapitulated 1. Identification Which object O requests
More informationMcAfee Certified Product Specialist McAfee epolicy Orchestrator
McAfee Certified Product Specialist McAfee epolicy Orchestrator Exam preparation guide Table of Contents Introduction 3 Becoming McAfee Certified 3 Exam Details 3 Recommended Exam Preparation 4 Exam Objectives
More informationHow a Content Management System Can Help
18 October 2004 How a Content Management System Can Help 1 Introduction to Autoweb 1.1 Autoweb is a robust Website Builder and a Content Management System that speeds up deployment and instantly creates
More informationImplementing XML-based Role and Schema Migration Scheme for Clouds
Implementing XML-based Role and Schema Migration Scheme for Clouds Gurleen Kaur 1, Sarbjeet Singh 2 Computer Science and Engineering, UIET Panjab University, Chandigarh, India 1 gurleenturka@gmail.com
More informationThomas Röthlisberger IT Security Analyst thomas.roethlisberger@csnc.ch
Thomas Röthlisberger IT Security Analyst thomas.roethlisberger@csnc.ch Compass Security AG Werkstrasse 20 Postfach 2038 CH-8645 Jona Tel +41 55 214 41 60 Fax +41 55 214 41 61 team@csnc.ch www.csnc.ch What
More informationMicrosoft Visual Studio Integration Guide
Microsoft Visual Studio Integration Guide MKS provides a number of integrations for Integrated Development Environments (IDEs). IDE integrations allow you to access MKS Integrity s workflow and configuration
More informationAdministering Active Directory. Administering Active Directory. Reading. Review: Organizational Units. Review: Domains. Review: Domain Trees
Reading Read over the Active Directory material in your Network+ Guide I will be providing important materials Administering Active Directory If you don t understand certain concepts, please ask for help!
More informationTutoring Systems For IT Security
published as: J. Hu, Christoph Meinel, M. Schmitt, Ch. Willems: A Tutoring System for IT-Security; Proceedings of the 3rd World Conference in Information Security Education (WISE 2003); IFIP WISE 2003,
More informationUH CMS Basics. Cascade CMS Basics Class. UH CMS Basics Updated: June,2011! Page 1
UH CMS Basics Cascade CMS Basics Class UH CMS Basics Updated: June,2011! Page 1 Introduction I. What is a CMS?! A CMS or Content Management System is a web based piece of software used to create web content,
More information90 Marius Leahu, Vasile Buzuloiu, Dan Alexandru Stoichescu
U.P.B. Sci. Bull., Series 76, Vol. 1, Iss. 1, 2014 ISSN 2286-3540 A ROLE BASED ACCESS CONTROL SOLUTION FOR LINUX NETWORK Marius LEAHU 1, Vasile BUZULOIU 2, Dan Alexandru STOICHESCU 3 Linux networks are
More informationONLINE EXERCISE SYSTEM A Web-Based Tool for Administration and Automatic Correction of Exercises
ONLINE EXERCISE SYSTEM A Web-Based Tool for Administration and Automatic Correction of Exercises Daniel Baudisch, Manuel Gesell and Klaus Schneider Embedded Systems Group, University of Kaiserslautern,
More informationBusiness Intelligence Tutorial
IBM DB2 Universal Database Business Intelligence Tutorial Version 7 IBM DB2 Universal Database Business Intelligence Tutorial Version 7 Before using this information and the product it supports, be sure
More informationWorkflow Object Driven Model
Workflow Object Driven Model Włodzimierz Dąbrowski 1,2, Rafał Hryniów 2 Abstract: Within the last decade the workflow management makes an incredible career. Technology connected with the workflow management
More informationIdentity Lifecycle Management Technology
Identity Lifecycle Management Technology Authors: Seiichi Kondo* and Tatsuya Tsurukawa* 1. Introduction In an integrated identity system for shared use by the types of security components of a corporate
More informationWeb Based Application for Registering Degree Projects
Web Based Application for Registering Degree Projects LEONIDAS FRAGIDIS, ACHILLEAS MICHAILIDIS, VASSILIOS MARDIRIS AND VASSILIOS CHATZIS Information Management Department Technological Institute of Kavala
More informationMeta Model Based Integration of Role-Based and Discretionary Access Control Using Path Expressions
Meta Model Based Integration of Role-Based and Discretionary Access Control Using Path Expressions Kathrin Lehmann, Florian Matthes Chair for Software Engineering for Business Information Systems Technische
More informationUOFL SHAREPOINT ADMINISTRATORS GUIDE
UOFL SHAREPOINT ADMINISTRATORS GUIDE WOW What Power! Learn how to administer a SharePoint site. [Type text] SharePoint Administrator Training Table of Contents Basics... 3 Definitions... 3 The Ribbon...
More informationIBM Tivoli Storage Manager for Microsoft SharePoint
IBM Tivoli Storage Manager for Microsoft SharePoint 2007 IBM Corporation What is SharePoint? 2007 IBM Corporation What is SharePoint? What is SharePoint? Web-based workplace for online collaboration MS
More informationSUMMARY NOMENCLATURE 1. INTRODUCTION
ADVANCED CAD PLM INTEGRATION IN A NAVAL SHIPBUILDING ENVIRONMENT F. Alonso, SENER Ingeniería y Sistemas S.A., Spain C. Gonzalez, SENER Ingeniería y Sistemas S.A., Spain R. Perez, SENER Ingeniería y Sistemas
More informationAdvanced Features for Enterprise-Wide Role-Based Access Control
Advanced Features for Enterprise-Wide -Based Access Control Axel Kern Systor Security Solutions GmbH Hermann-Heinrich-Gossen-Str. 3 50858 Köln, Germany axel.kern@systorsecurity.com Abstract The administration
More informationRole Based Access Control (RBAC) Nicola Zannone
Role Based Access Control (RBAC) Nicola Zannone 1 DAC and MAC Discretionary Access Control (DAC) Access control determined by the owner of an object Oner can delegate access rights to other users Access
More informationContext-Dependent Access Control for Web-Based Collaboration Environments with Role-Based Approach
Context-Dependent Access Control for Web-Based Collaboration Environments with Role-Based Approach Ruben Wolf and Markus Schneider Fraunhofer Gesellschaft (FhG), Institute for Secure Telecooperation (SIT)
More informationSharePoint 2013 for Business Process Automation
SharePoint 2013 for Business Process Automation Course Number: 12966 Category: SharePoint Duration: 3 Days Course Description This three-day instructor-led course teaches business professionals how to
More informationTowards a Proposal for a Standard Component-Based Open Hypermedia System Storage Interface
Towards a Proposal for a Standard Component-Based Open Hypermedia System Storage Interface Uffe Kock Wiil Department of Computer Science Aalborg University Esbjerg Niels Bohrs Vej 8, 6700 Esbjerg, Denmark
More informationCascade Server. End User Training Guide. OIT Training and Documentation Services OIT TRAINING AND DOCUMENTATION. oittraining@uta.
OIT Training and Documentation Services Cascade Server End User Training Guide OIT TRAINING AND DOCUMENTATION oittraining@uta.edu http://www.uta.edu/oit/cs/training/index.php 2013 CONTENTS 1. Introduction
More informationCompare & Adjust How to Guide for Compare & Adjust in SAP Solution Manager Application Lifecycle Management
Compare & Adjust How to Guide for Compare & Adjust in SAP Solution Manager Application Lifecycle Management www.sap.com TABLE OF CONTENTS COPYRIGHT... 3 1.0 Motivation... 4 2.0 Method and Prerequisites...
More informationCal Poly Pomona Cascade Server Beginning Web Author Training
Cal Poly Pomona Cascade Server Beginning Web Author Training Contents Recommended Browsers for using Cascade... 3 Content Management System Overview... 3 Content Management System Diagram- workflow...
More informationLeveraging TEWI Platform to Enhance Scientific Collaboration on Universities
JOURNAL OF APPLIED COMPUTER SCIENCE Vol. 20 No. 1 (2012), pp. 35-50 Leveraging TEWI Platform to Enhance Scientific Collaboration on Universities Marcin Kłosiński Łodź University of Technology Institute
More informationRole-based access control. RBAC: Motivations
Role-based access control 1 RBAC: Motivations Complexity of security administration For large number of subjects and objects, the number of authorizations can become extremely large For dynamic user population,
More informationChapter 2 Taxonomy and Classification of Access Control Models for Cloud Environments
Chapter 2 Taxonomy and Classification of Access Control Models for Cloud Environments Abhishek Majumder, Suyel Namasudra and Samir Nath Abstract Cloud computing is an emerging and highly attractive technology
More informationDo you know? "7 Practices" for a Reliable Requirements Management. by Software Process Engineering Inc. translated by Sparx Systems Japan Co., Ltd.
Do you know? "7 Practices" for a Reliable Requirements Management by Software Process Engineering Inc. translated by Sparx Systems Japan Co., Ltd. In this white paper, we focus on the "Requirements Management,"
More informationBitrix Site Manager 4.0. The Guide to Managing User Group Permissions
Bitrix Site Manager 4.0 The Guide to Managing User Group Permissions Contents CONTENTS...2 INTRODUCTION...3 ACCESS PERMISSION LEVELS...4 Access to files and folders...4 Permissions for the system modules
More informationDow Corning Uses Enterprise Rights Management to Help Protect Intellectual Property
Dow Corning Uses Enterprise Rights Management to Help Protect Intellectual Property Overview Country or Region: United States Industry: Manufacturing Customer Profile Dow Corning is a global leader in
More informationA TRUST BASED DELEGATION SYSTEM FOR MANAGING ACCESS CONTROL. Rainer Steffen, Rudi Knorr*
A TRUST BASED DELEGATION SYSTEM FOR MANAGING ACCESS CONTROL Rainer Steffen, Rudi Knorr* Abstract Trust is considered to be a powerful approach for managing access control in pervasive computing scenarios.
More informationContent Author's Reference and Cookbook
Sitecore CMS 6.2 Content Author's Reference and Cookbook Rev. 091019 Sitecore CMS 6.2 Content Author's Reference and Cookbook A Conceptual Overview and Practical Guide to Using Sitecore Table of Contents
More informationRHYTHMYX USER MANUAL EDITING WEB PAGES
RHYTHMYX USER MANUAL EDITING WEB PAGES Rhythmyx Content Management Server... 1 Content Explorer Window... 2 Display Options... 3 Editing an Existing Web Page... 4 Creating a Generic Content Item -- a Web
More informationEnterprise Content Management Overview
Enterprise Content Management Overview Morana Kobal Butković Senior Sales Consultant Managing the Information Explosion Content Management Addresses the Entire Content Lifecycle Create
More informationSecure Role-Based Access Control on Encrypted Data in Cloud Storage using Raspberry PI
Volume: 2, Issue: 7, 20-27 July 2015 www.allsubjectjournal.com e-issn: 2349-4182 p-issn: 2349-5979 Impact Factor: 3.762 Miss Rohini Vidhate Savitribai Phule Pune University. Mr. V. D. Shinde Savitribai
More informationBlog Post Extraction Using Title Finding
Blog Post Extraction Using Title Finding Linhai Song 1, 2, Xueqi Cheng 1, Yan Guo 1, Bo Wu 1, 2, Yu Wang 1, 2 1 Institute of Computing Technology, Chinese Academy of Sciences, Beijing 2 Graduate School
More informationSharePoint Training DVD Videos
SharePoint Training DVD Videos SharePoint 2013 Administration Intended for: Prerequisites: Hours: Enterprise Content Managers / Administrators Planners / Project managers None 16 hours of video + 18 hours
More informationWEAK INFORMATION SYSTEMS FOR TECHNICAL DATA MANAGEMENT
P. Salvaneschi, M. Lazzari, "Weak information systems for technical data management", Worldwide ECCE Symposium on computers in the practice of building and civil engineering. Lahti, Finland, September
More informationImplementation of Role Based Access Control on Encrypted Data in Hybrid Cloud
Implementation of Role Based Access Control on Encrypted Data in Hybrid Cloud Gajanan Ganorkar, Prof. A.B. Deshmukh, Prof M.D.Tambhakhe Information Technology Email:g.ganorkar7691@gmail.com Contact: 8600200142
More informationA Semantic Approach for Access Control in Web Services
A Semantic Approach for Access Control in Web Services M. I. Yagüe, J. Mª Troya Computer Science Department, University of Málaga, Málaga, Spain {yague, troya}@lcc.uma.es Abstract One of the most important
More informationLifeSize Video Center Administrator Guide March 2011
LifeSize Video Center Administrator Guide March 2011 LifeSize Video Center 2200 LifeSize Video Center Adminstrator Guide 2 Administering LifeSize Video Center LifeSize Video Center is a network server
More informationActive Directory Integration Manual
Active Directory Integration Manual Fast and easy roll-out of BackupAgent platforms using Active Directory and web-panels 1. Online Backup for hosters This whitepaper describes the unique and valuable
More informationBest Practices, Procedures and Methods for Access Control Management. Michael Haythorn
Best Practices, Procedures and Methods for Access Control Management Michael Haythorn July 13, 2013 Table of Contents Abstract... 2 What is Access?... 3 Access Control... 3 Identification... 3 Authentication...
More informationMatchPoint Technical Features Tutorial 21.11.2013 Colygon AG Version 1.0
MatchPoint Technical Features Tutorial 21.11.2013 Colygon AG Version 1.0 Disclaimer The complete content of this document is subject to the general terms and conditions of Colygon as of April 2011. The
More informationCopyright 2014 Jaspersoft Corporation. All rights reserved. Printed in the U.S.A. Jaspersoft, the Jaspersoft
5.6 Copyright 2014 Jaspersoft Corporation. All rights reserved. Printed in the U.S.A. Jaspersoft, the Jaspersoft logo, Jaspersoft ireport Designer, JasperReports Library, JasperReports Server, Jaspersoft
More informationelearning Content Management Middleware
elearning Content Management Middleware Chen Zhao Helsinki 18.2.2004 University of Helsinki Department of Computer Science Authors Chen Zhao Title elearning Content Management Middleware Date 18.2.2004
More informationCarnegie Mellon Online: Web-Mediated Education
Carnegie Mellon Online: Web-Mediated Education Daniel R. Rehak Professor, Civil and Environmental Engineering Carnegie Mellon University, Pittsburgh PA 15213 1. Abstract - Distributed education, Web-based
More informationUser Management Guide
AlienVault Unified Security Management (USM) 4.x-5.x User Management Guide USM v4.x-5.x User Management Guide, rev 1 Copyright 2015 AlienVault, Inc. All rights reserved. The AlienVault Logo, AlienVault,
More informationModeling the User Interface of Web Applications with UML
Modeling the User Interface of Web Applications with UML Rolf Hennicker,Nora Koch,2 Institute of Computer Science Ludwig-Maximilians-University Munich Oettingenstr. 67 80538 München, Germany {kochn,hennicke}@informatik.uni-muenchen.de
More informationW H IT E P A P E R. Salesforce CRM Security Audit Guide
W HITEPAPER Salesforce CRM Security Audit Guide Contents Introduction...1 Background...1 Security and Compliance Related Settings...1 Password Settings... 2 Audit and Recommendation... 2 Session Settings...
More informationSHAREPOINT 2016 POWER USER BETA. Duration: 4 days
SHAREPOINT 2016 POWER USER BETA Duration: 4 days Overview This course delivers the complete site owner story from start to finish in an engaging and practical way to ensure you have the confidence to plan
More informationThe Power of Classifying in SharePoint 2010
The Power of Classifying in SharePoint 2010 by Agnes Molnar, Microsoft SharePoint MVP October 2010 Phone: (610)-717-0413 Email: info@metavistech.com Website: www.metavistech.com Introduction As a Microsoft
More informationBitrix Site Manager 4.1. User Guide
Bitrix Site Manager 4.1 User Guide 2 Contents REGISTRATION AND AUTHORISATION...3 SITE SECTIONS...5 Creating a section...6 Changing the section properties...8 SITE PAGES...9 Creating a page...10 Editing
More informationIntegrating Databases, Objects and the World-Wide Web for Collaboration in Architectural Design
Integrating Databases, Objects and the World-Wide Web for Collaboration in Architectural Design Wassim Jabi, Assistant Professor Department of Architecture University at Buffalo, State University of New
More informationA Flexible Security System for Enterprise and e-government Portals
A Flexible Security System for Enterprise and e-government Portals Torsten Priebe, Björn Muschall, Wolfgang Dobmeier, Günther Pernul Department of Information Systems, University of Regensburg, D-93040
More informationAnnotation for the Semantic Web during Website Development
Annotation for the Semantic Web during Website Development Peter Plessers, Olga De Troyer Vrije Universiteit Brussel, Department of Computer Science, WISE, Pleinlaan 2, 1050 Brussel, Belgium {Peter.Plessers,
More informationConsuming Real Time Analytics and KPI powered by leveraging SAP Lumira and SAP Smart Business in Fiori SESSION CODE: 0611 Draft!!!
Consuming Real Time Analytics and KPI powered by leveraging SAP Lumira and SAP Smart Business in Fiori SESSION CODE: 0611 Draft!!! Michael Sung SAP Consuming Real Time Analytics and KPI powered by leveraging
More informationCIFS Permissions Best Practices Nasuni Corporation Natick, MA
Nasuni Corporation Natick, MA Overview You use permissions to control user access to data. There are two basic considerations when using permissions to control user access to data: Which users have access
More informationSHAREPOINT ARCHITECTURE FUNDAMENTALS
CHAPTER 4 SHAREPOINT ARCHITECTURE FUNDAMENTALS Whether you re a business user, manager, architect, developer, or IT pro, you ll want to understand the fundamental structure and core terminology of SharePoint
More informationDCA. Document Control & Archiving USER S GUIDE
DCA Document Control & Archiving USER S GUIDE Decision Management International, Inc. 1111 Third Street West Suite 250 Bradenton, FL 34205 Phone 800-530-0803 FAX 941-744-0314 www.dmius.com Copyright 2002,
More informationRational Team Concert. Guido Salvaneschi Dipartimento di Elettronica e Informazione Politecnico di Milano salvaneschi@elet.polimi.
Rational Team Concert Guido Salvaneschi Dipartimento di Elettronica e Informazione Politecnico di Milano salvaneschi@elet.polimi.it Project Areas The project area is the system's representation of a software
More information