Visual Authorization Modeling in E-commerce Applications

Considers how task-based security models let enterprises control access at the application rather than the operating system level. The Visual Security Administrator (Visa) uses visual languages to represent steps in this authorization process with icons and gestures to support security management by nontechnical users, such as enterprise managers.

[1]  Ian Sommerville,et al.  Software engineering (6th ed.) , 2001 .

[2]  Yuliang Zheng,et al.  A Framework for the Management of Information Security , 1997, ISW.

[3]  Genny Tortora,et al.  A Parsing Methodology for the Implementation of Visual Systems , 1997, IEEE Trans. Software Eng..

[4]  Vladimir Zwass,et al.  Electronic Commerce: Structures and Issues , 1996, Int. J. Electron. Commer..

[5]  Vijayalakshmi Atluri,et al.  SecureFlow: a secure Web-enabled workflow management system , 1999, RBAC '99.

[6]  Weigang Wang,et al.  Team-and-role-based organizational context and access control for cooperative hypermedia environments , 1999, Hypertext.

[7]  Shi-Kuo Chang Extending Visual Languages for Multimedia , 1996, IEEE Multim..

[8]  J. Doug Tygar,et al.  Miró: Visual Specification of Security , 1990, IEEE Trans. Software Eng..

[9]  Arif Ghafoor,et al.  Interval-Based Conceptual Models for Time-Dependent Multimedia Data , 1993, IEEE Trans. Knowl. Data Eng..

[10]  Frederick J. Riggins,et al.  Toward a unified view of electronic commerce , 1998, CACM.

[11]  Ravi S. Sandhu,et al.  Task-Based Authorization Controls (TBAC): A Family of Models for Active and Enterprise-Oriented Autorization Management , 1997, DBSec.

[12]  Jonathan Lee,et al.  Task-Based Specifications Through Conceptual Graphs , 1996, IEEE Expert.

[13]  Karl N. Levitt,et al.  Security Policy Specification Using a Graphical Approach , 1998, ArXiv.

[14]  Ronald M. Lee Distributed Electronic Trade Scenarios: Representation, Design, Prototyping , 1998, Int. J. Electron. Commer..

[15]  Johannes Klein Advanced rule driven transaction management , 1991, COMPCON Spring '91 Digest of Papers.