Aplicação do Modelo UCONABC em Sistemas de Comércio Eletrônico B2B
Abstract
The systems of Business-to-Business (B2B) Electronic Commerce (EC) are used for business management among different companies. These systems need a differentiate form of treating access control when interact with each other. Researches in this area are being developed in a significant way. Recently the UCONABC model was proposed embracing new concepts. The application of this model in B2B EC systems is an aspect that is investigated in this article. This article proposes a form of UCONABC application that assists the specific needs of B2B EC systems that interact with each other, presenting a solution to treat the access control and the permissions management.
References
Blaze, M.; Feigenbaum, J. e Lacy, J. (1996) "Decentralized Trust Management", em Proceedings of the 1996 IEEE Symposium on Security and Privacy. p. 164. ISBN:0-8186-7417-2 Publisher: IEEE Computer Society Press. Washington, DC, USA.
Blodget, H.; McCabe, E. (2000) "The B2B Market Maker Book: Indepth Report", Acessado em 20 de Novembro de 2004, [link], Merrill Lynch and Company.
Dabous, F.; Rabhi, F.; Ray, P. (2003) "Middleware Technologies for B2B Integration", em Annual Review of Communications. ISBN:1-931695-22-9. Vol. 56, International Engineering Consortium.
Essmayr, W.; Probst, S. & Weippl, E. (2004) "Role-Based Access Controls: Status, Dissemination, and Prospects from Generic Security Mechanisms". Electronic Commerce Research. ISSN: 1389-5753. Vol 4, nº 1-2, P. 127-156. Áustria.
Goodwin, R; Goh, S.; Wu, F. (2002) "Instance-level access control for business-to-business electronic commerce". IBM Systems Journal, Vol. 41, Nº 2, p. 303 317.
Kraft, R. (2002) "Designing a distributed access control processor for network services on the Web", em: ACM workshop on XML security. p. 36-52, ISBN: 1-58113-6323. ACM Press, New York, NY, USA.
Liu, Q. et. All (2003) "Digital Rights Management for Content Distribution", em: Australasian Information Security Workshop Conference, ACM. Vol. 21, p. 49-58, ISBN - ISSN:1445-1336 , 1-920682-00-7. Adelaide, Austrália.
Medjahed, B. et. All (2003) "Business-to-Business interactions: issues and enabling technologies", em The VLDB Journal - The International Journal on Very Large Data Bases. ISSN:1066-8888. Vol. 12, p. 59-85. Springer-Verlag, New York.
Park, J. e Sandhu R. (2002) "Towards Usage Control Models: Beyond Traditional Access Control", em SACMAT Proceedings of the Seventh {ACM} Symposium on Access Control Models and Technologies. p. 57 - 64, New York - USA.
Park, J (2003) "Usage Control: A Unified Framework for Next Generation Access Control". 155 f. Tese de Doutorado em Tecnologia da Informação Universidade George Mason. Virginia - USA.
Park, J. e Sandhu R. (2004) "The UCONABC Usage Control Model", To appear in Proceedings of 9th ACM Symposium on Access Control Models and Technologies.
Quix, C.; Schoop, M. e Jeusfeld, M. (2002) em "Business Data Management for Business-to-Business Electronic Commerce.", SIGMOD. Vol 31, Nº 1, p. 49 - 54.
Radowiisky, Z. (2002) "Business-to-Business E-Commerce And Enterprise Resource Planning: Increasing Value in Supply Chain Management". Em Proceeding of the 87th Annual International Supply Management Conference, Institute of Supply Management. São Francisco - USA.
Robison, L. (2002) "Implementing Security in B2B Applications". Implementing B2B Commerce with .NET: A Guide for Programmers and Technical Managers. Capítulo 7, ISBN: 0201719320, Edição 1, Ed.: Addison Wesley Professional. Obtido em: http://www.awprofessional.com/articles/article.asp?p=27143.
Sandhu, R. (2001). "Future Directions in Role-Based Access Control Models". International Workshop on Information Assurance in Computer Networks: Methods, Models, and Architectures for Network Security. ISBN:3-540-42103-3. Vol. 2052, p. 22 - 26, London - UK.
Blodget, H.; McCabe, E. (2000) "The B2B Market Maker Book: Indepth Report", Acessado em 20 de Novembro de 2004, [link], Merrill Lynch and Company.
Dabous, F.; Rabhi, F.; Ray, P. (2003) "Middleware Technologies for B2B Integration", em Annual Review of Communications. ISBN:1-931695-22-9. Vol. 56, International Engineering Consortium.
Essmayr, W.; Probst, S. & Weippl, E. (2004) "Role-Based Access Controls: Status, Dissemination, and Prospects from Generic Security Mechanisms". Electronic Commerce Research. ISSN: 1389-5753. Vol 4, nº 1-2, P. 127-156. Áustria.
Goodwin, R; Goh, S.; Wu, F. (2002) "Instance-level access control for business-to-business electronic commerce". IBM Systems Journal, Vol. 41, Nº 2, p. 303 317.
Kraft, R. (2002) "Designing a distributed access control processor for network services on the Web", em: ACM workshop on XML security. p. 36-52, ISBN: 1-58113-6323. ACM Press, New York, NY, USA.
Liu, Q. et. All (2003) "Digital Rights Management for Content Distribution", em: Australasian Information Security Workshop Conference, ACM. Vol. 21, p. 49-58, ISBN - ISSN:1445-1336 , 1-920682-00-7. Adelaide, Austrália.
Medjahed, B. et. All (2003) "Business-to-Business interactions: issues and enabling technologies", em The VLDB Journal - The International Journal on Very Large Data Bases. ISSN:1066-8888. Vol. 12, p. 59-85. Springer-Verlag, New York.
Park, J. e Sandhu R. (2002) "Towards Usage Control Models: Beyond Traditional Access Control", em SACMAT Proceedings of the Seventh {ACM} Symposium on Access Control Models and Technologies. p. 57 - 64, New York - USA.
Park, J (2003) "Usage Control: A Unified Framework for Next Generation Access Control". 155 f. Tese de Doutorado em Tecnologia da Informação Universidade George Mason. Virginia - USA.
Park, J. e Sandhu R. (2004) "The UCONABC Usage Control Model", To appear in Proceedings of 9th ACM Symposium on Access Control Models and Technologies.
Quix, C.; Schoop, M. e Jeusfeld, M. (2002) em "Business Data Management for Business-to-Business Electronic Commerce.", SIGMOD. Vol 31, Nº 1, p. 49 - 54.
Radowiisky, Z. (2002) "Business-to-Business E-Commerce And Enterprise Resource Planning: Increasing Value in Supply Chain Management". Em Proceeding of the 87th Annual International Supply Management Conference, Institute of Supply Management. São Francisco - USA.
Robison, L. (2002) "Implementing Security in B2B Applications". Implementing B2B Commerce with .NET: A Guide for Programmers and Technical Managers. Capítulo 7, ISBN: 0201719320, Edição 1, Ed.: Addison Wesley Professional. Obtido em: http://www.awprofessional.com/articles/article.asp?p=27143.
Sandhu, R. (2001). "Future Directions in Role-Based Access Control Models". International Workshop on Information Assurance in Computer Networks: Methods, Models, and Architectures for Network Security. ISBN:3-540-42103-3. Vol. 2052, p. 22 - 26, London - UK.
Published
2005-09-26
How to Cite
CAMY, Alexandre Rosa; WESTPHALL, Carla Merkle; RIGHI, Rafael da Rosa.
Aplicação do Modelo UCONABC em Sistemas de Comércio Eletrônico B2B. In: BRAZILIAN SYMPOSIUM ON CYBERSECURITY (SBSEG), 5. , 2005, Florianópolis.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2005
.
p. 202-215.
DOI: https://doi.org/10.5753/sbseg.2005.21533.
