Role based access control for the interaction with search engines

Abstract

Search engine-based features are a basic interaction mean for users to find information inside a Web-based Learning Management Systems (LMS); nonetheless, traditional solutions lack in mechanisms for access rights management for data contained in search engines' in- dexes. This paper explores the integration of a Role Based Access Control (RBAC) mechanism for the interaction with a search engine in a Web- based LMS. We first outline a reference conceptual model for the design of Web-based LMSs exploiting RBAC by means of WebML, a visual modeling language for the high-level specification of data-intensive Web applications. Then, we propose a model-driven approach for the definition of a RBAC-driven interaction between users and search engines, extending WebML with new modeling primitives and outlining significative modeling patterns for the specification of the visibility and action access control levels.