Title :
Access Control Enforcement of Organizational Wide Policies in Object-Oriented Application
Author :
Wang, Ting ; Chen, Xingyuan ; Zhang, Bin ; Xin, Siyuan
Author_Institution :
Zhengzhou Inf. Sci. & Technol. Inst., Zhengzhou, China
Abstract :
Along with the development of information technology, the demand on uniformly enforcing authentication and authorization for multiple organizational applications is increasing. However, it is challenging for original applications to integrate with an uniform authorization infrastructure because each of them has respective separate logic. To solve this problem, in this paper, an approach of enforcing organizational wide authorization and access control for object-oriented application is proposed, which realizes a uniform authorization and access control mechanism. The concept of abstract resource is introduced to bridge the gap between uniform authorization logic and application logic. And the abstract resource shields the specific details of an application system, so that it can provide supports for easier management of high-level authorization and uniform access control. In the end, the analysis of our approach is given. The proposed approach is integrated tightly with application, easy to manage, and able to effectively enforce uniform authorization and access control in organizational wide multiple applications.
Keywords :
authorisation; message authentication; object-oriented methods; abstract resource; access control enforcement; authentication; object-oriented application; organizational wide authorization; uniform authorization; Access control; Application software; Authentication; Authorization; Information science; Information security; Information technology; Logic; Protection; Resource management;
Conference_Titel :
Information Engineering and Computer Science, 2009. ICIECS 2009. International Conference on
Conference_Location :
Wuhan
Print_ISBN :
978-1-4244-4994-1
DOI :
10.1109/ICIECS.2009.5363510
