The industrial partner employs concepts of role-based access controls within several of its applications. They allow a description and implementation of security requirements (such as Separation of Duty). However, it is currently unclear how the role model which is implemented in current applications is consistent with the specified security requirements to be satisfied. As a consequence, the indiustrial partner is planning a redevelopment of its existing access control management. To this end, first the existing role concept shall be extracted and compared to the specified requirements. Based on this comparison, a new access management shall be developed which incorporates both, the currently implemented as well as the specified features. For this purpose, the DFKI GmbH provides support with respect to extraction, consistency checking, and modeling of role based access control systems.
|Duration:||Oct 1, 2015 - Jan 1, 2016|
|Research area:||Software Systems|