Security is a key requirement in multi-user hypermedia systems, where the ability of different users to access and manipulate the information depend on their needs and responsibilities. If security policies are specified in terms of individual users and low-level abstractions not related to the hypermedia domain, security administration becomes complex and prone to error. This paper describes how an RBAC (Role Based Access Control) module is integrated into a web server that is treated as a hypermedia system instead of as a set of files, programs and network protocols. This implies the definition of a set of hypermedia related operations that authorised roles can execute on the system objects.
Sanz, Daniel, Paloma Diaz, and Ignacio Aedo. "IMPLEMENTING RBAC POLICIES IN A WEB SERVER." In ELPUB2002 - Technology Interactions. Proceedings of the 6th International ICCC/IFIP Conference on Electronic Publishing. ELPUB. Karlovy Vary, Czech Republic: VWF Berlin, 2002.