Integrating Access Policies into the Development Process of Hypermedia Web Systems
Paloma Diaz (Universidad Carlos III de Madrid, Spain), Daniel Sanz (Universidad Carlos III de Madrid, Spain), Susana Montero (Universidad Carlos III de Madrid, Spain) and Ignacio Aedo (Universidad Carlos III de Madrid, Spain)
Copyright: © 2008
This chapter discusses the integration of access control in the development process of hypermedia applications. Two key ideas are proposed: the use of high level, abstract access control models and the inclusion of access control in the whole life cycle of hypermedia applications. Authors present an access control model for hypermedia that makes it possible to formalize access policies using elements of the hypermedia domain, those used to specify structure and navigation services. Abstract models are not enoughto assist developers in dealing with security in a systematic way. Thus, authors describe how high-level access rules can be specified following the Ariadne Development Method (ADM). The ARCE project is used as example of development.