TEMPORAL AND LOCATION-BASED EXTENSION OF ROLE-BASED ACCESS CONTROL WITHIN SPRING SECURITY FRAMEWORK
DOI:
https://doi.org/10.24867/04BE16SuljaKeywords:
Java, Spring, access control, authorizationAbstract
This paper presents the implementation of temporal and location-based extension of role-based access control within Spring Security framework. Implementation is divided into two units, where the first unit is a generic access control module, and the second unit is a web application that uses this module to control the access.
References
[1] Kumar, Mahendra / Newman, Richard E. STRBAC - AN APPROACH TOWARDS SPATIO-TEMPORAL ROLE-BASED. Gainesville, FL 32608 : CISE Department Gainesville, FL 32608, 2006.
[2] LoT-RBAC: A Location and Time-Based RBAC Model. Chandran, Suroop Mohan / Joshi, J. B. D. Department of Information Sciences and Telecommunications, University of Pittsburgh : s.n., 2005.
[3] Access control. Wikipedia. [Na mreži] https://en.wikipedia.org/wiki/Access_control.
[4] Role based access control. [Na mreži] https://en.wikipedia.org/wiki/Role-based_access_control.
[5] Attribute based access control. [Na mreži] https://en.wikipedia.org/wiki/Attribute-based_access_control.
[6] Discretionary access control. [Na mreži] https://en.wikipedia.org/wiki/Discretionary_access_control.
[7] Mandatory access control. [Na mreži] https://en.wikipedia.org/wiki/Mandatory_access_control.
[8] Sandhu, R. S., Coyne, E. J., Feinstein, H. L., & Youman, C. E. Role-based access control models. [Na mreži] 1996. https://ieeexplore.ieee.org/abstract/document/485845.
[9] Authorization. Spring. [Na mreži] https://docs.spring.io/spring-security/site/docs/current/reference/html/authorization.html.
[10] Java. [Na mreži] https://docs.oracle.com/javase/8/docs/api/.
[11] Spring. [Na mreži] https://spring.io/.
[2] LoT-RBAC: A Location and Time-Based RBAC Model. Chandran, Suroop Mohan / Joshi, J. B. D. Department of Information Sciences and Telecommunications, University of Pittsburgh : s.n., 2005.
[3] Access control. Wikipedia. [Na mreži] https://en.wikipedia.org/wiki/Access_control.
[4] Role based access control. [Na mreži] https://en.wikipedia.org/wiki/Role-based_access_control.
[5] Attribute based access control. [Na mreži] https://en.wikipedia.org/wiki/Attribute-based_access_control.
[6] Discretionary access control. [Na mreži] https://en.wikipedia.org/wiki/Discretionary_access_control.
[7] Mandatory access control. [Na mreži] https://en.wikipedia.org/wiki/Mandatory_access_control.
[8] Sandhu, R. S., Coyne, E. J., Feinstein, H. L., & Youman, C. E. Role-based access control models. [Na mreži] 1996. https://ieeexplore.ieee.org/abstract/document/485845.
[9] Authorization. Spring. [Na mreži] https://docs.spring.io/spring-security/site/docs/current/reference/html/authorization.html.
[10] Java. [Na mreži] https://docs.oracle.com/javase/8/docs/api/.
[11] Spring. [Na mreži] https://spring.io/.
Downloads
Published
2019-08-21
Issue
Section
Electrotechnical and Computer Engineering
