Title :
Seamless Secure Development of Systems: From Modeling to Enforcement of Access Control Policies
Author :
Parsa, Saeed ; Damanafshan, Morteza
Author_Institution :
Iran Univ. of Sci. & Technol., Tehran
Abstract :
Despite the emphasis on removing gap between software models and implementation code, there has been made little effort to apply software tools to enforce access control models directly into program code. In this paper the design and implementation of an access control policy enforcement environment is described. Within this environment, view-based access control policies defined in XML Metadata Interchange format are translated into view policy language. The view policy language primitives are then easily translated into Java primitives. At last, these primitives are enforced into Java program code to be secured. Two major benefits of applying the proposed approach for modeling and enforcement of access control policies are rapid development of view-based customized applications and secure enforcement of ordered chain of methods´ executions.
Keywords :
Java; XML; authorisation; meta data; software tools; Java primitives; Java program code; XML metadata interchange format; software tools; systems seamless secure development; view policy language; view-based access control policies; Access control; Application software; Bridges; Computer languages; Computer security; Cryptography; Information security; Java; Protection; Software tools;
Conference_Titel :
Computer Systems and Applications, 2007. AICCSA '07. IEEE/ACS International Conference on
Conference_Location :
Amman
Print_ISBN :
1-4244-1030-4
Electronic_ISBN :
1-4244-1031-2
DOI :
10.1109/AICCSA.2007.370724
