Loading...
Please wait, while we are loading the content...
Similar Documents
Automating the security of java ee applications with fine-grained roles and security profiles.
| Content Provider | CiteSeerX |
|---|---|
| Author | Franky, María Consuelo Victor Manuel Toro, C. |
| Abstract | Abstract — Almost every software system must include a security module to authenticate users and to authorize what elements of the system can be accessed by each user. This paper describes a security model called “CincoSecurity ” that follows the Role Based Access Control model (RBAC), but implementing fine-grained roles that can be grouped into “security profiles”. This leads to a great flexibility to configure the security of an application by selecting the operations allowed to each security profile, and later, by registering the users in one or several of these profiles. We describe also a security software module (that implements the CincoSecurity model) that we propose to be the initial code baseline for the development of any Use Cases oriented Java EE system, offering from the beginning a flexible, extensible and administrable access control to the elements of the application that is to be developed. Moreover, CincoSecurity allows automating the generation of the additional code required to protect the use cases and its elements of the Java EE application being developed, with tools that add the required security restriction code accordingly with the proposed security model. |
| File Format | |
| Access Restriction | Open |
| Subject Keyword | Security Profile Fine-grained Role Java Ee Application Use Case Security Model Great Flexibility Access Control Model Cincosecurity Model Administrable Access Control Security Module Additional Code Initial Code Baseline Abstract Almost Software System Security Software Module Required Security Restriction Code Java Ee System |
| Content Type | Text |
| Resource Type | Article |
