Application of Scenario-driven Role Engineering in Knowledge Management Systems - Requirements and Implementation

Kimmig, Daniel; Schmidt, Andreas; Bittner, Klaus; Dickerhof, Markus

Home // International Journal On Advances in Security, volume 5, numbers 1 and 2, 2012 // View article

Application of Scenario-driven Role Engineering in Knowledge Management Systems - Requirements and Implementation

Authors:
Daniel Kimmig
Andreas Schmidt
Klaus Bittner
Markus Dickerhof

Keywords: Access control; Knowledge Management; RBAC; Role Engineering

Abstract:
Collaborative systems, which are often used in short-term virtual enterprises or long-term cooperation net- works, often contain information about the manufacturing and fabrication competences of the participating technology partners. These should only be made available to a very restricted group of persons for example to support feasibility studies in the context of actual customer requests. This is a new important feature to be supported in nowadays knowledge management systems. Hence, the goal of this paper is to present a methodology for implementing an access control mechanism based on role based access control. This mechanism supports the definition of fine granular access rights capable of protecting sensible information often found in cooperative process knowledge management systems. In this paper we will discuss models of access control and present an adaption of the scenario-driven role engineering method to the special needs in a collaborative process knowledge management system with very particular access requirements. Beside the adaption of the scenario-driven role engineering method to such a system, the adapted method will be concretely applied to the process knowledge management system MinaBASE, which was developed in our institute. To complete, an implementation will be shown with the help of the inversion of control framework “Spring Security” as well as aspect-oriented programming. Here static as well as dynamic aspects of security will be presented. The paper shows in a detailed manner the usability of the scenario-driven role engineering method for applications in the field of collaborative knowledge management.

Pages: 1 to 15

Publication date: June 30, 2012

Published in: journal

ISSN: 1942-2636