Access control in a web-based business management application

Loading...
Thumbnail Image

URL

Journal Title

Journal ISSN

Volume Title

Helsinki University of Technology | Diplomityö

Date

2008

Major/Subject

Tietojenkäsittelyoppi

Mcode

T-76

Degree programme

Language

en

Pages

97

Series

Abstract

The amount of Web applications used to replace existing traditional business applications has recently increased significantly. This makes it important to have proper security mechanisms for the web applications. Access control is the management of access to information and resources. Role-based access control (RBAC) is a policy neutral and very flexible access control system. In RBAC permissions are assigned to roles instead of directly to users. The thesis concentrates on the access control part of a web application. The thesis builds the foundation for implementing an access control system for a web-based business management application. The thesis presents different types of access control models and establishes which are the most suitable for the given application. After establishing RBAC as the most suitable model, it is implemented in the business management application.

Description

Supervisor

Sulonen, Reijo

Thesis advisor

Kohonen, Oskar

Keywords

access control, oikeuksienhallinta, åtkomstkontroll, web application, www-sovellus, behörighetsadministration, role-based, roolipohjainen, www, rollbaserad

Other note

Citation