Role-based and action-driven access control for Web services-oriented e-learning portal

Abstract

Researches on access control models have been conducted on a diversity of application areas. For those applications that adopt Web services-oriented techniques and portal principles, access control model is one of their important issues. This thesis presents our research on the access control model for a Web services-oriented e-learning portal system, Ubilearn. The access control model has been designed and developed as an access control portal framework to accommodate a variety of services' components within e-learning system. This portal framework integrates two access control approaches: a role-based access control mechanism is to control the role of individual users' access to a classified group of services via its portal interface; whereas an action-driven policy-based mechanism performs the identity services and policy management in a way that identity declarations can be transmitted and shared among each of the services within the system. Finally we describe the implementation of such access control framework in Ubilearn, a Web services-oriented e-learning portal application.