Privilege Management for E-Construction

Chadwick, David W. and Otenko, Olexandre and Hunter, David and Leoni, Cristiano (2002) Privilege Management for E-Construction. In: Proc European Conf on Information and Communication Technology Advances and Innovation in the Knowledge Society, Part B, 2002, University of Salford, UK.. (The full text of this publication is not available from this repository)

The full text of this publication is not available from this repository. (Contact us about this Publication)

Abstract

We describe a role based, policy driven, Privilege Management Infrastructure, in which the authorisation tokens are roles held as X.509 attribute certificate stored in LDAP directories. Users are assigned roles, and roles are granted privileges. The authorisation policy says which roles and attribute certificates are to be trusted, and what access rights are to be granted to each role. The authorisation policy is written in XML by the service provider. The access control decision function(ADF) is a policy driven engine that makes the granted or denied access decisions. The ADF is written in Java, and is completely generic so that it can be built into any e-construction application. We have currently built it into two construction applications, E-tendering and E-planning, and these are described.

Item Type: Conference or workshop item (Paper)
Subjects: Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming,
Divisions: Faculties > Science Technology and Medical Studies > School of Computing > Security Group
Depositing User: Mark Wheadon
Date Deposited: 24 Nov 2008 17:59
Last Modified: 07 Jul 2009 10:20
Resource URI: http://kar.kent.ac.uk/id/eprint/13682 (The current URI for this page, for reference purposes)
  • Depositors only (login required):