Aplikasi Sistem Informasi Aparatur Sipil Negara adalah aplikasi yang mengelola selu- ruh tahapan manajemen kepagawaian aparatur sipil negara, sejalan dengan perkembangan teknologi dan kebutuhan negara akan data digital, maka perlu dilakukan pengembangan. terdapat 18 pengembangan salah satunya pada fungsi user. Adapun permasalahan ada tersebut yaitu user memiliki role cukup banyak, dimana 1 bisa...

OASIS is a distributed RBAC implementation with many extensions. Sound policy design will permit OASIS to protect the distributed resources whose access privileges it controls. However, through operating in a distributed environment, the underlying OASIS infrastructure is open to a number of potential attacks. This paper identifies three main classes of such attack and introduces techniques to ...

Search engine-based features are a basic interaction mean for users to find information inside a Web-based Learning Management Systems (LMS); nonetheless, traditional solutions lack in mechanisms for access rights management for data contained in search engines’ indexes. This paper explores the integration of a Role Based Access Control (RBAC) mechanism for the interaction with a search engine ...

Arjmand Samuel, Hammad Haseeb, Arif Ghafoor and Elisa Bertino Abstract Cyber Physical Systems (CPS) are complex systems that operate in a dynamic environment where security characteristics of contexts are unique, and uniform access to secure resources anywhere anytime to mobile entities poses daunting challenges. To capture context parameters such as location and time in an access control polic...

Nowadays, the development of robust educational systems has been a reality thus provoking great efforts to control users’ access in these systems. Besides, an educational system has mutable tasks, changing users’ permissions and consequently limitations are generated in the system security. The main feature of RBAC (Role Based Access Control) is that permissions are associated with roles, and a...

One of the main design challenges of any Web-based Emergency Management Information System (WEMIS) is the diversity of users and responsibilities to be considered. Modelling the access capabilities of different communities of users is a most relevant concern for which the RBAC (Role-Based Access Control) paradigm provides flexible and powerful constructs. In this paper we describe how we used a...

Despite the widespread adoption of Role-based Access Control (RBAC) models, new access control models are required for new applications for which RBAC may not be especially well suited and for which implementations of RBAC do not enable properties of access control policies to be adequately defined and proven. To address these issues, we propose a form of access control model that is based upon...

Today’s web-based collaborative applications need new approaches to overcome the shortcomings of classical access control. The limitations on administrative aspects of the existing security models and the requirements for more efficient management of authorizations in order to provide fine-grained and just-in-time access control for collaborative applications are discussed in this paper. The pr...

This paper explores the application of role-based access control to social networks, from the perspective of social network analysis. Each tie, composed of a relation, a sender and a receiver, involves the sender's assignation of the receiver to a role with permissions. The model is not constrained to system-defined relations and lets users define them unilaterally. It benefits of RBAC's advant...