Analysis of Existing Privacy-Aware Access Control for E-Commerce Application
نویسندگان
چکیده
Due to the growing use of the internet, more and more critical processes are running over the web such as e-commerce. Internet allows commerce and business between parties who are physically distant and do not know each other doing the transaction. For the effective operation of the web application and ecommerce applications, security is a key issue. Various aspects of security are relevant to e-commerce such as database security. The availability of e-commerce, user transactions are no longer bound to traditional office-centered environment, but it can be started virtually anywhere at any time. It was moving from closed environment to open environment. In this paper, we clearly define the privacy-aware access control requirements. We also investigated few existing access control in the context of this requirements. We build an assessment criteria in our comparison based on the requirements defined which we finally used it later as a guidelines to design an access control for e-commerce application.
منابع مشابه
Privacy Preserving Dynamic Access Control Model with Access Delegation for eHealth
eHealth is the concept of using the stored digital data to achieve clinical, educational, and administrative goals and meet the needs of patients, experts, and medical care providers. Expansion of the utilization of information technology and in particular, the Internet of Things (IoT) in eHealth, raises various challenges, where the most important one is security and access control. In this re...
متن کامل16th Bled Electronic Commerce Conference
Attribute-based access control (ABAC) is a very powerful and flexible security technique making it possible to overcome limitations of traditional role-based and discretionary access controls. ABAC enables the dynamic handling of vast numbers of heterogeneous and changing resources and users, a task especially relevant for E-Commerce or distributed computing. With an authentication and authoris...
متن کاملXPACML eXtensible Privacy Access Control Markup Language
Privacy in the digital world is a critical problem which is becoming even more imperious with the growth of the Internet, accompanied by the proliferation of e-services (e.g. ecommerce, e-health). One research track for efficient privacy management is to make use of user’s and service provider’s (SP) privacy policies, and to perform an automatic comparison in between to help any (skilled or uns...
متن کاملEnabling Attribute-based Access Control in Authentication and Authorisation Infrastructures
Attribute-based access control (ABAC) is a very powerful and flexible security technique making it possible to overcome limitations of traditional role-based and discretionary access controls. ABAC enables the dynamic handling of vast numbers of heterogeneous and changing resources and users, a task especially relevant for E-Commerce or distributed computing. With an authentication and authoris...
متن کاملFlexible Enterprise Access Control with Object-oriented View Specification
The per-method access control lists of standard middleware technologies allow only simple forms of access control to be expressed and enforced. Given the increasing use of webbased applications involving sensitive data, the increased threat and the stringent requirements of privacy laws, a more flexible and secure approach is needed. In this paper we present a three-step approach to access cont...
متن کامل