Title :
A Comparative Study of Access Control Languages
Author :
Pinagapani, Sathish ; Xu, Dianxiang ; Kong, Jun
Author_Institution :
Dept. of Comput. Sci., North Dakota State Univ., Fargo, ND, USA
Abstract :
In this paper, we compare three open source access control languages, XACML, JAAS and Java ACL. In addition to a conceptual analysis, we use a Web-based health care system as a common application, in which controlled access is implemented through each of the languages. We compare the languages using standard software metrics, such as reusability, policy expressiveness, extensibility, error handling, and programmatic control. The results of the comparative study indicate a high degree of variance in the three languages. They can serve as a useful guide for software developers to select an access control language that best meets their requirements.
Keywords :
Java; XML; authorisation; error handling; medical information systems; software reusability; JAAS; Java ACL; Web-based health care system; XACML; access control languages; error handling; open source access control languages; programmatic control; software extensibility; software metrics; software policy expressiveness; software reusability; Access control; Application software; Authentication; Authorization; Control systems; Error correction; Java; Medical services; Software metrics; Software standards; ACL; JAAS; XACML; access control; authentication; authorization; software metrics;
Conference_Titel :
Secure Software Integration and Reliability Improvement, 2009. SSIRI 2009. Third IEEE International Conference on
Conference_Location :
Shanghai
Print_ISBN :
978-0-7695-3758-0
DOI :
10.1109/SSIRI.2009.18
