J2EE应用程序中指定访问控制策略的一种方法

14th Asia-Pacific Software Engineering Conference (APSEC'07) Pub Date : 2007-12-04 DOI:10.1109/APSEC.2007.18

H. Vo, Masato Suzuki

{"title":"J2EE应用程序中指定访问控制策略的一种方法","authors":"H. Vo, Masato Suzuki","doi":"10.1109/APSEC.2007.18","DOIUrl":null,"url":null,"abstract":"Most applications based on J2EE platform use role- based access control as an efficient mechanism to achieve security. The current approach for specifying access rule is based on methods of Enterprise JavaBeans (EJBs). In large-scale systems, where a large number of EJBs are used and the interactions between EJBs are complex, direct use of this method- based approach is error-prone and difficult to maintain. We propose an alternative approach for specifying access control policy based on the concept of business function.","PeriodicalId":273688,"journal":{"name":"14th Asia-Pacific Software Engineering Conference (APSEC'07)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-12-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"An Approach for Specifying Access Control Policy in J2EE Applications\",\"authors\":\"H. Vo, Masato Suzuki\",\"doi\":\"10.1109/APSEC.2007.18\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Most applications based on J2EE platform use role- based access control as an efficient mechanism to achieve security. The current approach for specifying access rule is based on methods of Enterprise JavaBeans (EJBs). In large-scale systems, where a large number of EJBs are used and the interactions between EJBs are complex, direct use of this method- based approach is error-prone and difficult to maintain. We propose an alternative approach for specifying access control policy based on the concept of business function.\",\"PeriodicalId\":273688,\"journal\":{\"name\":\"14th Asia-Pacific Software Engineering Conference (APSEC'07)\",\"volume\":\"1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2007-12-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"14th Asia-Pacific Software Engineering Conference (APSEC'07)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/APSEC.2007.18\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"14th Asia-Pacific Software Engineering Conference (APSEC'07)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/APSEC.2007.18","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

大多数基于J2EE平台的应用程序使用基于角色的访问控制作为实现安全性的有效机制。当前指定访问规则的方法是基于Enterprise JavaBeans (ejb)的方法。在使用大量ejb并且ejb之间的交互非常复杂的大型系统中，直接使用这种基于方法的方法容易出错并且难以维护。我们提出了一种基于业务功能概念指定访问控制策略的替代方法。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

An Approach for Specifying Access Control Policy in J2EE Applications

Most applications based on J2EE platform use role- based access control as an efficient mechanism to achieve security. The current approach for specifying access rule is based on methods of Enterprise JavaBeans (EJBs). In large-scale systems, where a large number of EJBs are used and the interactions between EJBs are complex, direct use of this method- based approach is error-prone and difficult to maintain. We propose an alternative approach for specifying access control policy based on the concept of business function.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

14th Asia-Pacific Software Engineering Conference (APSEC'07)

自引率

0.00%

发文量