Björn Muschall

Learn More
As part of the access control process an authorization decision needs to be taken based on a certain authorization model. Depending on the environment different models are applicable (e.g., RBAC in organizations , MAC in the military field). An authorization model contains all necessary elements needed for the decision (e.g., subjects, objects, and roles)(More)
Moderne Anwendungen aus dem Bereich des e-Commerce, sowie Enterprise -und e-Government-Portale bringen aufgrund der Vielzahl höchst heterogener Benutzer und der Diversität der Informationsressourcen die Notwendigkeit für flexible Autorisierungs-und Zugriffskontrollverfahren mit sich. Für den Zugriff auf der-artige Anwendungen ist sicherzustellen, dass(More)
Web-based systems like enterprise and e-government portals pose special requirements to information security. Today's portal platforms provide some security functionality, mainly targeting at supporting a single-sign-on for the underlying applications. We argue that single-sign-on is not sufficient, but rather a mature security service is needed as a(More)
Our group is involved in the European funded Webocracy project in which an e-government system called Webocrat has been designed and implemented. Our responsibility is to provide mechanisms guaranteeing secure and reliable access to Webocrat. According to the security requirements from the city councils involved in the project we have implemented a generic(More)
  • 1