A general model of authorisation for complex computing applications
نویسندگان
چکیده
We present the principles of permissions processing used in the Tees Confidentiality Model (TCM), a general authorisation model which is suitable for complex web applications in addition to computer systems administration. In particular, we present new techniques for authorising by multiple concepts, and also for overriding access restrictions. A database implementation of the TCM is referred to, which can be used to provide the basis for a general authorisation service. The TCM is an extension of Role-Based Access Control (RBAC), and has had a significant impact on the development of healthcare computing in the UK. A demanding scenario from Electronic Health Records is used to illustrate the permissions processing and the power of the model.
منابع مشابه
Numerical algorithm for discrete barrier option pricing in a Black-Scholes model with stationary process
In this article, we propose a numerical algorithm for computing price of discrete single and double barrier option under the emph{Black-Scholes} model. In virtue of some general transformations, the partial differential equations of option pricing in different monitoring dates are converted into simple diffusion equations. The present method is fast compared to alterna...
متن کاملAuthorisation in Grid computing
This paper briefly surveys how authorisation in Grid computing has evolved during the last few years, and presents the latest developments in which Grid applications can utilise a policy controlled authorisation infrastructure to make decisions about which users are allowed to perform which actions on which Grid resources. The paper describes the Global Grid Forum SAML interface for connecting ...
متن کاملA semantic-aware role-based access control model for pervasive computing environments
Access control in open and dynamic Pervasive Computing Environments (PCEs) is a very complex mechanism and encompasses various new requirements. In fact, in such environments, context information should be used in access control decision process; however, it is not applicable to gather all context information completely and accurately all the time. Thus, a suitable access control model for PCEs...
متن کاملFlexible Resolution of Authorisation Conflicts in Distributed Systems
Managing security in distributed systems requires flexible and expressive authorisation models with support for conflict resolution. Models need to be hierarchical but also non-monotonic supporting both positive and negative authorisations. In this paper, we present an approach to resolve the authorisation conflicts that inevitably occur in such models, with administrator specified conflict res...
متن کاملServer based application level authorisation for Rotor
Delegent is an authorisation server developed to provide a single centralised policy repository for multiple applications with support for decentralised administration by means of delegation. The author investigates how to integrate Delegent with the Rotor implementation of the .NET framework and compare the features of Delegent with those of the existing application level authorisation models ...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2005