End-user development (EUD) is drawing an increasing attention due to the necessity of users to frequently extend and personalize their applications. In particular, EUD in the context of Web (EUDWeb) is focusing on technologies capable of supporting development tasks that the end-user feels more complex. However, although the specification and implementation of access control is perceived as a particularly complex task, little efforts have been made to support it within current EUDWeb environments. Thus, in this paper we propose an EUDWeb framework and tool for the specification and the generation of web applications embedding access control mechanisms. We extended a previous mockup-based EUDWeb approach, by introducing visual assistance mechanisms enabling the specification of role-based access control policies, and their integration within the application logic. The usability of the proposed framework has been evaluated by means of a user study, in which we have shown that a group of heterogeneous end-users could proficiently use the proposed framework to develop meaningful web applications, some of which including access control functionalities.

A Tool Supporting End-User Development of Access Control in Web Applications

CARUCCIO, LOREDANA;DEUFEMIA, Vincenzo;POLESE, Giuseppe
2015

Abstract

End-user development (EUD) is drawing an increasing attention due to the necessity of users to frequently extend and personalize their applications. In particular, EUD in the context of Web (EUDWeb) is focusing on technologies capable of supporting development tasks that the end-user feels more complex. However, although the specification and implementation of access control is perceived as a particularly complex task, little efforts have been made to support it within current EUDWeb environments. Thus, in this paper we propose an EUDWeb framework and tool for the specification and the generation of web applications embedding access control mechanisms. We extended a previous mockup-based EUDWeb approach, by introducing visual assistance mechanisms enabling the specification of role-based access control policies, and their integration within the application logic. The usability of the proposed framework has been evaluated by means of a user study, in which we have shown that a group of heterogeneous end-users could proficiently use the proposed framework to develop meaningful web applications, some of which including access control functionalities.
File in questo prodotto:
Non ci sono file associati a questo prodotto.

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: http://hdl.handle.net/11386/4654821
 Attenzione

Attenzione! I dati visualizzati non sono stati sottoposti a validazione da parte dell'ateneo

Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 13
  • ???jsp.display-item.citation.isi??? 10
social impact