DocumentCode :
2709806
Title :
An Approach for Specifying Access Control Policy in J2EE Applications
Author :
Vo, Hieu Dinh ; Suzuki, Masato
Author_Institution :
Japan Adv. Inst. of Sci. & Technol., Tokyo
fYear :
2007
fDate :
4-7 Dec. 2007
Firstpage :
422
Lastpage :
429
Abstract :
Most applications based on J2EE platform use role- based access control as an efficient mechanism to achieve security. The current approach for specifying access rule is based on methods of Enterprise JavaBeans (EJBs). In large-scale systems, where a large number of EJBs are used and the interactions between EJBs are complex, direct use of this method- based approach is error-prone and difficult to maintain. We propose an alternative approach for specifying access control policy based on the concept of business function.
Keywords :
Java; authorisation; formal specification; object-oriented programming; Enterprise JavaBeans; J2EE applications; access control policy specification; business function; large-scale system; role-based access control; security; Access control; Application software; Costs; Information science; Information security; Information systems; Java; Large-scale systems; Software engineering; Sun;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Software Engineering Conference, 2007. APSEC 2007. 14th Asia-Pacific
Conference_Location :
Aichi
ISSN :
1530-1362
Print_ISBN :
0-7695-3057-5
Type :
conf
DOI :
10.1109/ASPEC.2007.19
Filename :
4425883
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2709806
بازگشت