Access Controls by Object-Oriented Concepts

This paper introduces object-oriented access controls (OOAC) as a result of consequently applying the object-oriented paradigm for providing access controls in object and interoperable databases. OOAC includes: (1) subjects, like users, roles etc., are regarded as firstclass objects, (2) objects are accessed by sending messages, and (3) access controls deal with controlling the flow of messages among objects. OOAC are not intended to replace legacy access control mechanisms which mainly have been designed and applied in non-object environments. Instead, they provide the basis for applying these concepts in true object-oriented environments. An object authorization language (OAL) is proposed for specifying authorizations in a declarative manner. We illustrate the feasibility of the proposed concepts in applying them to IRO-DB II, an extension of the database federation IRO-DB, that provides interoperable access between relational and object-oriented database systems on the world-wide-w..

Applicability of HCI Research to eGovernment Applications

This paper gives an overview of the state of the art in the field of HCI (Human-Computer Interaction) and investigates the applicability of HCI research to the development of large, data intensive software systems.1 We employ our experiences in a project on administration software for the health insurance sector, for which we designed and implemented an HCI prototype. We describe problems we encountered, focussing on the design process, user involvement, and GUI design. We propose possible solutions for these problems and conclude that for e-government applications the problems we pointed out are also typical but even more critical to solve due to issues like web-based user interface constraints, for instance, as there are neither any usability guidelines for web pages established, nor is there any usability awareness

Meta-Data for Enterprise-Wide Security Administration

The paper gives an overview on the meta-data specification for administrating and enforcing enterprisewide security for heterogeneous and distributed information systems. The meta-data serves as a basis to maintain enterprise-wide security information centrally, to integrate isolated security specifications, to keep the consistency between different security policies, and to perform access controls. The meta-data specifies all the information necessary for retaining the security concepts of an interoperable environment as well as all corresponding security information. Since several security systems have to be integrated within an interoperable environment the meta-data also contains the specification of mappings between security concepts and concrete security information. 1. Introduction Within large enterprises the increasing quantity of information systems significantly burdens the proper interoperation and cooperation of the participating systems. Since new types of information sy..