首页    期刊浏览 2024年12月02日 星期一
登录注册

文章基本信息

  • 标题:Enhancing the Wordpress System: From Role to Attribute-Based Access Control
  • 本地全文:下载
  • 作者:Lifeng Cao ; Jia Ying Ou ; Amirhossein Chinaei
  • 期刊名称:Computer Science & Information Technology
  • 电子版ISSN:2231-5403
  • 出版年度:2019
  • 卷号:9
  • 期号:4
  • 页码:1-16
  • DOI:10.5121/csit.2019.90410
  • 出版社:Academy & Industry Research Collaboration Center (AIRCC)
  • 摘要:Role-Based Access Control (RBAC) is the most commonly used model on web applications. The advantages of RBAC are the ease of understanding, applying and managing privileges. The static RBAC model cannot alter access permission in real-time without human involvement and therefore the model suffers from increasing false negative (and/or false positive) outcomes. Hence, the Attribute-Based Access Control (ABAC) model has been proposed to introduce dynamicity and minimize human involvement in order to enhance security. WordPress is a very popular Role-Based content management system. To our best knowledge, no solution to merge from RBAC to ABAC model for WordPress applications has been found. Our contribution is a WordPress plug-in that we have developed to build ABAC upon the existing RBAC setups. In this journey, we have investigated various scenarios by studying different application categories to come up with an enhanced automatic model that adds real-time grant and revoke feature to WordPress.
  • 关键词:Role;Base;Access;Control; Attribute;Base;Access;Control; WordPress; Content Management; Security
国家哲学社会科学文献中心版权所有