Aplicação do Modelo UCONABC em Sistemas de Comércio Eletrônico B2B
Resumo
Os sistemas de Comércio Eletrônico (CE) Business-to-Business (B2B) são utilizados para a administração de negócios entre diferentes empresas.Estes sistemas necessitam de uma forma diferenciada de tratar o controle de acesso quando interagem entre si. Pesquisas nesta área vêm evoluindo de maneira significativa. O modelo UCONABC foi proposto recentemente abrangendo novos conceitos.A aplicação deste modelo em sistemas de CE B2B é um aspecto que é investigado nesse artigo. Este artigo propõe uma forma de aplicação do UCONABC que atenda as necessidades específicas de sistemas de CE B2B que interagem entre si, apresentando uma solução para tratar o controle de acesso e o gerenciamento de permissões.
Referências
Blaze, M.; Feigenbaum, J. e Lacy, J. (1996) "Decentralized Trust Management", em Proceedings of the 1996 IEEE Symposium on Security and Privacy. p. 164. ISBN:0-8186-7417-2 Publisher: IEEE Computer Society Press. Washington, DC, USA.
Blodget, H.; McCabe, E. (2000) "The B2B Market Maker Book: Indepth Report", Acessado em 20 de Novembro de 2004, [link], Merrill Lynch and Company.
Dabous, F.; Rabhi, F.; Ray, P. (2003) "Middleware Technologies for B2B Integration", em Annual Review of Communications. ISBN:1-931695-22-9. Vol. 56, International Engineering Consortium.
Essmayr, W.; Probst, S. & Weippl, E. (2004) "Role-Based Access Controls: Status, Dissemination, and Prospects from Generic Security Mechanisms". Electronic Commerce Research. ISSN: 1389-5753. Vol 4, nº 1-2, P. 127-156. Áustria.
Goodwin, R; Goh, S.; Wu, F. (2002) "Instance-level access control for business-to-business electronic commerce". IBM Systems Journal, Vol. 41, Nº 2, p. 303 317.
Kraft, R. (2002) "Designing a distributed access control processor for network services on the Web", em: ACM workshop on XML security. p. 36-52, ISBN: 1-58113-6323. ACM Press, New York, NY, USA.
Liu, Q. et. All (2003) "Digital Rights Management for Content Distribution", em: Australasian Information Security Workshop Conference, ACM. Vol. 21, p. 49-58, ISBN - ISSN:1445-1336 , 1-920682-00-7. Adelaide, Austrália.
Medjahed, B. et. All (2003) "Business-to-Business interactions: issues and enabling technologies", em The VLDB Journal - The International Journal on Very Large Data Bases. ISSN:1066-8888. Vol. 12, p. 59-85. Springer-Verlag, New York.
Park, J. e Sandhu R. (2002) "Towards Usage Control Models: Beyond Traditional Access Control", em SACMAT Proceedings of the Seventh {ACM} Symposium on Access Control Models and Technologies. p. 57 - 64, New York - USA.
Park, J (2003) "Usage Control: A Unified Framework for Next Generation Access Control". 155 f. Tese de Doutorado em Tecnologia da Informação Universidade George Mason. Virginia - USA.
Park, J. e Sandhu R. (2004) "The UCONABC Usage Control Model", To appear in Proceedings of 9th ACM Symposium on Access Control Models and Technologies.
Quix, C.; Schoop, M. e Jeusfeld, M. (2002) em "Business Data Management for Business-to-Business Electronic Commerce.", SIGMOD. Vol 31, Nº 1, p. 49 - 54.
Radowiisky, Z. (2002) "Business-to-Business E-Commerce And Enterprise Resource Planning: Increasing Value in Supply Chain Management". Em Proceeding of the 87th Annual International Supply Management Conference, Institute of Supply Management. São Francisco - USA.
Robison, L. (2002) "Implementing Security in B2B Applications". Implementing B2B Commerce with .NET: A Guide for Programmers and Technical Managers. Capítulo 7, ISBN: 0201719320, Edição 1, Ed.: Addison Wesley Professional. Obtido em: http://www.awprofessional.com/articles/article.asp?p=27143.
Sandhu, R. (2001). "Future Directions in Role-Based Access Control Models". International Workshop on Information Assurance in Computer Networks: Methods, Models, and Architectures for Network Security. ISBN:3-540-42103-3. Vol. 2052, p. 22 - 26, London - UK.
Blodget, H.; McCabe, E. (2000) "The B2B Market Maker Book: Indepth Report", Acessado em 20 de Novembro de 2004, [link], Merrill Lynch and Company.
Dabous, F.; Rabhi, F.; Ray, P. (2003) "Middleware Technologies for B2B Integration", em Annual Review of Communications. ISBN:1-931695-22-9. Vol. 56, International Engineering Consortium.
Essmayr, W.; Probst, S. & Weippl, E. (2004) "Role-Based Access Controls: Status, Dissemination, and Prospects from Generic Security Mechanisms". Electronic Commerce Research. ISSN: 1389-5753. Vol 4, nº 1-2, P. 127-156. Áustria.
Goodwin, R; Goh, S.; Wu, F. (2002) "Instance-level access control for business-to-business electronic commerce". IBM Systems Journal, Vol. 41, Nº 2, p. 303 317.
Kraft, R. (2002) "Designing a distributed access control processor for network services on the Web", em: ACM workshop on XML security. p. 36-52, ISBN: 1-58113-6323. ACM Press, New York, NY, USA.
Liu, Q. et. All (2003) "Digital Rights Management for Content Distribution", em: Australasian Information Security Workshop Conference, ACM. Vol. 21, p. 49-58, ISBN - ISSN:1445-1336 , 1-920682-00-7. Adelaide, Austrália.
Medjahed, B. et. All (2003) "Business-to-Business interactions: issues and enabling technologies", em The VLDB Journal - The International Journal on Very Large Data Bases. ISSN:1066-8888. Vol. 12, p. 59-85. Springer-Verlag, New York.
Park, J. e Sandhu R. (2002) "Towards Usage Control Models: Beyond Traditional Access Control", em SACMAT Proceedings of the Seventh {ACM} Symposium on Access Control Models and Technologies. p. 57 - 64, New York - USA.
Park, J (2003) "Usage Control: A Unified Framework for Next Generation Access Control". 155 f. Tese de Doutorado em Tecnologia da Informação Universidade George Mason. Virginia - USA.
Park, J. e Sandhu R. (2004) "The UCONABC Usage Control Model", To appear in Proceedings of 9th ACM Symposium on Access Control Models and Technologies.
Quix, C.; Schoop, M. e Jeusfeld, M. (2002) em "Business Data Management for Business-to-Business Electronic Commerce.", SIGMOD. Vol 31, Nº 1, p. 49 - 54.
Radowiisky, Z. (2002) "Business-to-Business E-Commerce And Enterprise Resource Planning: Increasing Value in Supply Chain Management". Em Proceeding of the 87th Annual International Supply Management Conference, Institute of Supply Management. São Francisco - USA.
Robison, L. (2002) "Implementing Security in B2B Applications". Implementing B2B Commerce with .NET: A Guide for Programmers and Technical Managers. Capítulo 7, ISBN: 0201719320, Edição 1, Ed.: Addison Wesley Professional. Obtido em: http://www.awprofessional.com/articles/article.asp?p=27143.
Sandhu, R. (2001). "Future Directions in Role-Based Access Control Models". International Workshop on Information Assurance in Computer Networks: Methods, Models, and Architectures for Network Security. ISBN:3-540-42103-3. Vol. 2052, p. 22 - 26, London - UK.
Publicado
26/09/2005
Como Citar
CAMY, Alexandre Rosa; WESTPHALL, Carla Merkle; RIGHI, Rafael da Rosa.
Aplicação do Modelo UCONABC em Sistemas de Comércio Eletrônico B2B. In: SIMPÓSIO BRASILEIRO DE SEGURANÇA DA INFORMAÇÃO E DE SISTEMAS COMPUTACIONAIS (SBSEG), 5. , 2005, Florianópolis.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2005
.
p. 202-215.
DOI: https://doi.org/10.5753/sbseg.2005.21533.
