Priebe, Torsten and Muschall, Björn and Dobmeier, Wolfgang and Pernul, Günther (2004) A Flexible Security System for Enterprise and e-Government Portals. In: Galindo, Fernando, (ed.) Database and Expert Systems Applications. Lecture notes in computer science, 3180. Springer, Berlin, pp. 884-893. ISBN 3-540-22936-1; 978-3-540-22936-0.
Download (142kB) - Repository staff only
Web-based systems like enterprise and e-government portals pose special requirements to information security. Todays portal platforms provide some security functionality, mainly targeting at supporting a single-sign-on for the underlying applications. We argue that single-sign-on is not sufficient, but rather a mature security service is needed as a central authorization instance. As access control is needed on different levels of a portal architecture, only this allows an integrated approach to security management. We present CSAP (Communication Security, Authentication, and Privacy), a flexible security system for enterprise and e-government portals. CSAP was originally developed within the EU-funded research project Webocracy. Meanwhile, various enhancements to CSAP have been made, which are being discussed in this paper. The major enhancement is a Metadata-based Access Control facility (MBAC) which allows more flexibility in highly open and heterogeneous systems. We use CSAP within two portal prototypes, one in an enterprise one in an e-government context, which are being presented as case studies.
|Item Type:||Book Section|
|Institutions:||Business, Economics and Information Systems > Institut für Wirtschaftsinformatik > Lehrstuhl für Wirtschaftsinformatik I - Informationssysteme (Prof. Dr. Günther Pernul)|
|Subjects:||300 Social sciences > 330 Economics|
|Created at the University of Regensburg:||Unknown|
|Deposited On:||19 Dec 2008 06:57|
|Last Modified:||20 Jul 2011 21:24|