FB3 TZI | ||||||
> | ">Deutsch
|
|||||
ForRBAC |
||||||
Due to the fact that more and more data are stored on IT-systems and security-critical business processes such as banking workflows are mapped to their digital pendants, a systematic method for role-based authorisation is required. Specifically, in organisations such as hospitals, financial institutes, or government agencies role-based security policies must be established. Owing to the fact that the security policies can be quite complex in large organisations inconsistencies and unallowed access might be the consequence. For this reason, in ForRBAC a role-based control system shall be developed which allows a security officer to
In the second phase, an authorisation engine which can enforce the aforementioned dynamic security policies shall be specified with the help of the Java Modeling Language (JML) and afterwards be implemented in Java. At least parts of this engine will be formally verified. Period: 01/06/2006 -31/05/2008
|
||||||
Author: Dr. Karsten Sohr |
||||||
|