基于安全脚本的复合应用程序开发:框架、体系结构和实现

2007 International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom 2007) Pub Date : 2007-11-12 DOI:10.1109/COLCOM.2007.4553815

T. Dinkelaker, Alisdair Johnstone, Yücel Karabulut, I. Nassi

{"title":"基于安全脚本的复合应用程序开发:框架、体系结构和实现","authors":"T. Dinkelaker, Alisdair Johnstone, Yücel Karabulut, I. Nassi","doi":"10.1109/COLCOM.2007.4553815","DOIUrl":null,"url":null,"abstract":"Dynamic scripting languages such as Ruby provide language features that enable developers to express their intent more rapidly and with fewer expressions. Organizations started using these languages in order to add enhancements to their existing applications or create composite applications. Current research has not yet addressed how security specification and enforcement can be done for scripting based application development. To fill this gap, we developed a framework for the design and facilitation of security. Our approach enables a business oriented application developer to add high-level security intentions to his business process model. The framework supports the automatic generation of security configuration and enforcement. As a proof-of-concept, we present an architecture and report the implementation status.","PeriodicalId":340691,"journal":{"name":"2007 International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom 2007)","volume":"47 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"Secure scripting based composite application development: Framework, architecture, and implementation\",\"authors\":\"T. Dinkelaker, Alisdair Johnstone, Yücel Karabulut, I. Nassi\",\"doi\":\"10.1109/COLCOM.2007.4553815\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Dynamic scripting languages such as Ruby provide language features that enable developers to express their intent more rapidly and with fewer expressions. Organizations started using these languages in order to add enhancements to their existing applications or create composite applications. Current research has not yet addressed how security specification and enforcement can be done for scripting based application development. To fill this gap, we developed a framework for the design and facilitation of security. Our approach enables a business oriented application developer to add high-level security intentions to his business process model. The framework supports the automatic generation of security configuration and enforcement. As a proof-of-concept, we present an architecture and report the implementation status.\",\"PeriodicalId\":340691,\"journal\":{\"name\":\"2007 International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom 2007)\",\"volume\":\"47 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2007-11-12\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2007 International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom 2007)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/COLCOM.2007.4553815\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2007 International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom 2007)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/COLCOM.2007.4553815","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 5

摘要

动态脚本语言(如Ruby)提供的语言特性使开发人员能够更快速地用更少的表达式表达他们的意图。组织开始使用这些语言是为了向现有应用程序添加增强功能或创建复合应用程序。目前的研究还没有解决如何对基于脚本的应用程序开发进行安全规范和实施。为了填补这一空白，我们开发了一个设计和促进安全的框架。我们的方法使面向业务的应用程序开发人员能够向其业务流程模型中添加高级安全意图。该框架支持自动生成安全配置和实施。作为概念验证，我们提出了一个体系结构并报告了实现状态。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Secure scripting based composite application development: Framework, architecture, and implementation

Dynamic scripting languages such as Ruby provide language features that enable developers to express their intent more rapidly and with fewer expressions. Organizations started using these languages in order to add enhancements to their existing applications or create composite applications. Current research has not yet addressed how security specification and enforcement can be done for scripting based application development. To fill this gap, we developed a framework for the design and facilitation of security. Our approach enables a business oriented application developer to add high-level security intentions to his business process model. The framework supports the automatic generation of security configuration and enforcement. As a proof-of-concept, we present an architecture and report the implementation status.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2007 International Conference on Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom 2007)

自引率

0.00%

发文量