Show/Hide Menu
Hide/Show Apps
Logout
Türkçe
Türkçe
Search
Search
Login
Login
OpenMETU
OpenMETU
About
About
Open Science Policy
Open Science Policy
Open Access Guideline
Open Access Guideline
Postgraduate Thesis Guideline
Postgraduate Thesis Guideline
Communities & Collections
Communities & Collections
Help
Help
Frequently Asked Questions
Frequently Asked Questions
Guides
Guides
Thesis submission
Thesis submission
MS without thesis term project submission
MS without thesis term project submission
Publication submission with DOI
Publication submission with DOI
Publication submission
Publication submission
Supporting Information
Supporting Information
General Information
General Information
Copyright, Embargo and License
Copyright, Embargo and License
Contact us
Contact us
Design and implementation of a hybrid and configurable access control model
Download
index.pdf
Date
2009
Author
Turan, Uğur
Metadata
Show full item record
Item Usage Stats
222
views
82
downloads
Cite This
A hybrid and configurable access control model is designed to satisfy the requirements of using different access control models in the same schema. The idea is arised to completely combine and configure the two main access control models, discretionary and mandatory which have been widely used in many systems so far with their advantages and disadvantages. The motivation originates from the fact that; in real life usage, discretionary based systems needs some strict policies and mandatory based systems needs some flexibility. The model is designed to combine these two appoaches in a single and configurable model, with some required real life extensions, in a conflictfree fashion and configurable degree of combination. Implementation of the model has been done and main important cases which shows the power and expressiveness of the model are designed and implemented. The authorization process is in the responsibility of the model which can be combined with secured authentication and auditing schemas. The new approaches as Role-Based, Context-Based and Temporal access control can easily be embedded in the model due to its generic and modular design.
Subject Keywords
Computer enginnering.
,
Computer software.
URI
http://etd.lib.metu.edu.tr/upload/3/12611137/index.pdf
https://hdl.handle.net/11511/18891
Collections
Graduate School of Natural and Applied Sciences, Thesis
Suggestions
OpenMETU
Core
Design and implementation of a plug-in framework for distributed object technologies
Kadıoğlu, Koray; Doğru, Ali Hikmet; Department of Computer Engineering (2006)
This thesis presents a framework design and implementation that enables run-time selection of different remote call mechanisms. In order to implement an extendable and modular system with run-time upgrading facility, a plug-in framework design is used. Since such a design requires enhanced usage of run-time facilities of the programming language that is used to implement the framework, in this study Java is selected because of its reflection and dynamic class loading facilities. A sample usage of this frame...
A conformance and interoperability test suite for Turkey’s National Health Information System (NHIS) and an interactive test control and monitoring environment
Sınacı, Ali Anıl; Doğaç, Asuman; Department of Computer Engineering (2009)
Conformance to standards and interoperability is a major challenge of today`s applications in all domains. Several standards have been developed and some are still under development to address the various layers in the interoperability stack. Conformance and interoperability testing involves checking whether the applications conform to the standards so that they can interoperate with other conformant systems. Only through testing, correct information exchange among applications can be guaranteed. National H...
Design and implementation of a privacy framework for web servicesin the travel domain
Erkanar, Mehmet; Doğaç, Asuman; Department of Computer Engineering (2005)
A web service is a collection of functions that are packaged as a single entity and published to the network for use by other programs. Web services are building blocks for creating open distributed systems, and allow companies and individuals to quickly and cheaply make their digital assets available worldwide. With considerable interoperability, privacy management becomes an inevitable concern of the web services. Companies and individuals should be able to restrict the information available about themsel...
Design and implementation of an open security architecture for a software-based security module
Kaynar, Kaan; Özgit, Attila; Department of Computer Engineering (2009)
Main purpose of this thesis work is to design a comprehensive and open security architecture whose desired parts could be realized on a general-purpose embedded computer without any special cryptography hardware. The architecture provides security mechanisms that implement known cryptography techniques, operations of some famous network security protocols and appropriate system security methods. Consequently, a server machine may offload a substantial part of its security processing tasks to an embedded com...
Providing scalability for an automated web service composition framework
Kaya, Ertay; Çiçekli, Fehime Nihan; Department of Computer Engineering (2010)
In this thesis, some enhancements to an existing automatic web service composition and execution system are described which provide a practical significance to the existing framework with scalability, i.e. the ability to operate on large service sets in reasonable time. In addition, the service storage mechanism utilized in the enhanced system presents an effective method to maintain large service sets. The described enhanced system provides scalability by implementing a pre-processing phase that extracts s...
Citation Formats
IEEE
ACM
APA
CHICAGO
MLA
BibTeX
U. Turan, “Design and implementation of a hybrid and configurable access control model,” M.S. - Master of Science, Middle East Technical University, 2009.