RE: Model for Field level Access Control: msg#00107 security.web-applications
You can try phpgacl if you're using PHP.

Michael J. Lanham
Major, Infantry
U.S. Military Academy
Instructor D/EECS
845-938-5562 DSN: 688-xxxx, Thayer 1121

> -----Original Message-----
> From: Sundaram, Ramasubramanian (Cognizant)
> [mailto:SRamasub@xxxxxxxxxxxxxxxxx]
> Sent: Thursday, February 26, 2004 12:18 AM
> To: webappsec@xxxxxxxxxxxxxxxxx
> Subject: Model for Field level Access Control
>
>
> Hi,
> We are designing a data model for a web application which
> requires attribute level access control for records.
> This application manages hundreds of thousands of records
> of people. The users of this application work on these
> records by modifying the attributes of the people, adding new
> entries, searching for people etc. Access to these records
> needs to be restricted based on the following factors.
> 1) Userid / Role of the logged in user
> 2) The record he is trying to access
> 3) Fields of the record that he is trying to access and
> 4) The action he is trying to perform on the
> record (edit, delete or create a new record)
>
> Has anyone come across an efficient model to
> represent/evaluate these restrictions? These records are
> stored in a database.
>
> Any help in this regard is greatly appreciated.
>
> Thanks,
> Rams
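
One way to represent the four factors listed in the question (role, record, field, action) as a deny-by-default rule table. This is an added example, not part of the thread and not phpgacl's data model. The `field_acl` table, the `scope` attribute used to group records so that rules are not stored per record, and the sample roles and data are assumptions.

```python
import sqlite3

# Constructed sample policy: (role, record scope, field, action).
# Anything not listed is denied; '*' in a rule is a wildcard.
RULES = [
    ("clerk",   "sales", "name",  "read"),
    ("clerk",   "sales", "phone", "read"),
    ("clerk",   "sales", "phone", "edit"),
    ("manager", "*",     "*",     "read"),
    ("manager", "sales", "*",     "edit"),
    ("manager", "sales", "*",     "delete"),
]

def open_policy(rules=RULES):
    """Load the rules into an in-memory table (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE field_acl (role TEXT, scope TEXT, field TEXT,"
               " action TEXT, PRIMARY KEY (role, scope, field, action))")
    db.executemany("INSERT INTO field_acl VALUES (?, ?, ?, ?)", rules)
    return db

def is_allowed(db, role, record, field, action):
    """True only if some rule matches all four factors."""
    row = db.execute(
        "SELECT 1 FROM field_acl WHERE role = ? AND action = ?"
        " AND scope IN (?, '*') AND field IN (?, '*') LIMIT 1",
        (role, action, record["scope"], field)).fetchone()
    return row is not None

def read_view(db, role, record):
    """Return only the fields the role may read on this record."""
    return {f: v for f, v in record.items()
            if is_allowed(db, role, record, f, "read")}

def apply_edit(db, role, record, changes):
    """Apply changes all-or-nothing; reject if any field is not editable."""
    denied = sorted(f for f in changes
                    if not is_allowed(db, role, record, f, "edit"))
    if denied:
        raise PermissionError("edit denied for fields: " + ", ".join(denied))
    return {**record, **changes}

if __name__ == "__main__":
    db = open_policy()
    rec = {"id": 7, "scope": "sales", "name": "A. Person",
           "phone": "555-0100", "salary": 50000}  # constructed record
    print(read_view(db, "clerk", rec))
    print(apply_edit(db, "clerk", rec, {"phone": "555-0199"}))
```

Because rules key on a record attribute instead of a record id, the rule table stays small however many records exist, and the check is a single indexed lookup per field.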