Access control in a virtual university

Abstract

We present a role-based access control model that enables the management of access control policy for the courses in a virtual university. Of particular interest, the model enables the specification of policy once for all courses, the distribution of role administration to multiple principal within restricted domains, and primitives for expression of constraints in terms of permissions and user groups to ease specification. We provide a demonstration of the model by expressing the roles for course participants.