A Tool Supporting End-User Development of Access Control in Web Applications

End-user development (EUD) is drawing an increasing attention due to the necessity of users to frequently extend and personalize their applications. In particular, EUD in the context of Web (EUDWeb) is focusing on technologies capable of supporting development tasks that the end-user feels more complex. However, although the specification and implementation of access control is perceived as a particularly complex task, little efforts have been made to support it within current EUDWeb environments. Thus, in this paper we propose an EUDWeb framework and tool for the specification and the generation of web applications embedding access control mechanisms. We extended a previous mockup-based EUDWeb approach, by introducing visual assistance mechanisms enabling the specification of role-based access control policies, and their integration within the application logic. The usability of the proposed framework has been evaluated by means of a user study, in which we have shown that a group of heterogeneous end-users could proficiently use the proposed framework to develop meaningful web applications, some of which including access control functionalities.