Customization & Personalization on intranets or B2E portals

minceillusionInternet and Web Development

Jul 30, 2012 (5 years and 17 days ago)

Customization & Personalization

[Wikipedia] On an intranet or B2E Enterprise Web portals, personalization is often based on user attributes such as department, functional area, or role. The term customization in this context refers to the ability of users to modify the page layout or specify what content should be displayed.

There are three categories of personalization:

1. Profile / Group based
2. Behavior based
3. Collaboration based

There are three broad methods of personalization:

1. Implicit
2. Explicit
3. Hybrid

With implicit personalization, the personalization is performed by the web page (or information system) based on the different categories mentioned above. With explicit personalization, the web page (or information system) is changed by the user using the features provided by the system. Hybrid personalization combines the above two approaches to leverage the best of both worlds.

Role Based Content

Providing information that directly addresses the needs of a particular population (Role Based / Identity Based) (Authorization / Access Control)

It is an approach to restricting access to authorized users, where user access policies are tied to the actual identity of the user (authentication) and the role of the user in the organization. When a user is assigned to a role, the user gets all the permissions that are granted to that role.

There are three key components:

- Identity/role relationships, where real users or groups of users are assigned to the roles
- Roles/privilege relationships, where roles are associated with permissions to access resources
- Update of roles upon job changes

Users can be assigned to more than one role; the permissions that are granted to the user are
the union of the permissions granted to each role.

A best practice is to assign groups instead of individual users to roles for the following reasons:

- Improves performance as fewer groups exist than users.
- Provides greater flexibility, by using group membership to control resource access.
- Supports the addition and deletion of users from groups outside of the application server environment.
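
The three components and the union rule above, shown as an added Python example (not taken from the original page or its references). Every group, role, permission and portlet name is constructed for illustration; users reach roles only through groups, and content is hidden unless a permission covers it.

```python
# Added example: all group, role, permission and portlet names are constructed.
from dataclasses import dataclass, field


@dataclass
class Rbac:
    group_members: dict = field(default_factory=dict)  # group -> set of users
    role_groups: dict = field(default_factory=dict)    # role -> set of groups
    role_perms: dict = field(default_factory=dict)     # role -> set of permissions

    def roles_of(self, user):
        """Identity/role relationship, resolved through group membership."""
        groups = {g for g, members in self.group_members.items() if user in members}
        return {r for r, gs in self.role_groups.items() if gs & groups}

    def permissions_of(self, user):
        """Role/privilege relationship: union of the permissions of every role held."""
        perms = set()
        for role in self.roles_of(user):
            perms |= self.role_perms.get(role, set())
        return perms

    def visible_content(self, user, portlets):
        """Role-based content: deny by default, show only what a permission covers."""
        perms = self.permissions_of(user)
        return sorted(name for name, needed in portlets.items() if needed in perms)

    def change_job(self, user, old_group, new_group):
        """Job change: move the user between groups; role mappings stay untouched."""
        self.group_members.get(old_group, set()).discard(user)
        self.group_members.setdefault(new_group, set()).add(user)


def build_demo():
    rbac = Rbac(
        group_members={"hr-staff": {"alice"}, "managers": {"alice", "bob"}, "finance": set()},
        role_groups={"HRPartner": {"hr-staff"}, "Approver": {"managers"}, "Accountant": {"finance"}},
        role_perms={"HRPartner": {"view:salary-bands"}, "Approver": {"view:leave-queue"},
                    "Accountant": {"view:ledger"}},
    )
    portlets = {"Salary bands": "view:salary-bands", "Leave approvals": "view:leave-queue",
                "General ledger": "view:ledger", "Company news": "view:news"}
    return rbac, portlets


if __name__ == "__main__":
    rbac, portlets = build_demo()
    print(rbac.visible_content("alice", portlets))  # two roles, union of permissions
    rbac.change_job("alice", "hr-staff", "finance")
    print(rbac.visible_content("alice", portlets))  # HR access gone after the move
```

Because the job change edits only group membership, the permissions of the old role are lost in the same step that grants the new ones, so no stale per-user grant is left to clean up.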

References:

http://www.opengroup.org/security/heron.pdf

http://www.procurve.com/NR/rdonlyres/07FB1CD8-92F7-4812-AF03-E830C0758AED/0/700wlIdentityBasedAccessControlTechnicalBrief_Jun_06_WW_Eng_LTR.pdf

http://publib.boulder.ibm.com/infocenter/wasinfo/v6r0/index.jsp?topic=/com.ibm.websphere.express.doc/info/exp/ae/csec_rolebased.html