Dynamic Access Control Framework for Enterprise Content Management Systems

Nadia Hocine; Ismail Bokhari

doi:10.5220/0010514806470652

Dynamic Access Control Framework for Enterprise Content Management Systems

Nadia Hocine, Ismail Bokhari

2021

Abstract

With the large adoption of telework business model, employees can work anytime, anywhere and sometimes with their own personal devices due to the limited financial capabilities of their companies. Many issues of the security and access control of remote exchanges of Enterprise Content Management systems (ECM) have to be considered. In particular, the access control should be adapted to employees’ context, their multiple device capabilities as well as their profiles and situations to increase the usability of the system. However, most access control models do not take into account the users’ profiles and the variability of their devices in open network. They also focus on the continuous intervention of administrators to manage the system and add new devices and set parameters. With the diversity of users’ devices and context conditions in telework, access control needs to be dynamically managed to reduce human intervention. In this paper, we suggest an agent-based access control framework that focuses on M5StickC external device used as an access badge. The framework is based on a multi-level rule engine to dynamically generate policies according to users’ context, profile and device. It is implemented and proposed as an open-source solution for small companies to manage their own ECM access control.

Download

Paper Citation

in Harvard Style

Hocine N. and Bokhari I. (2021). Dynamic Access Control Framework for Enterprise Content Management Systems. In Proceedings of the 18th International Conference on Security and Cryptography - Volume 1: SECRYPT, ISBN 978-989-758-524-1, pages 647-652. DOI: 10.5220/0010514806470652

in Bibtex Style

@conference{secrypt21,
author={Nadia Hocine and Ismail Bokhari},
title={Dynamic Access Control Framework for Enterprise Content Management Systems},
booktitle={Proceedings of the 18th International Conference on Security and Cryptography - Volume 1: SECRYPT,},
year={2021},
pages={647-652},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0010514806470652},
isbn={978-989-758-524-1},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 18th International Conference on Security and Cryptography - Volume 1: SECRYPT,
TI - Dynamic Access Control Framework for Enterprise Content Management Systems
SN - 978-989-758-524-1
AU - Hocine N.
AU - Bokhari I.
PY - 2021
SP - 647
EP - 652
DO - 10.5220/0010514806470652