GAMMA - A platform independent framework for reusable authentication, authorization, and auditing components

S. Probst. GAMMA - A platform independent framework for reusable authentication, authorization, and auditing components. 10, 2004.

  • Stefan Probst
Abstract Security is nowadays recognized as an absolute need in software development.Although thoroughly researched concepts for access control exist that have beenproven in mainframe computing, we still lack of adequate mechanisms that can beused in today’s development of modern software architectures. However, currentlywe face the situation that security mechanisms have often been added to existingsoftware causing many of the well-known deficiencies found in software products.One reason may be the lack of appropriate reusable components that supportapplication developers. Another reason might be that applications have diversesecurity requirements that cannot be handled adequately. Thus, security is oftenaddressed and implemented directly into the code, reducing reusability,maintainability, and flexibility aspects. However, with rise of component-basedsoftware development security models needs to be made available for reuse,encapsulating the security logic from the business logic.This thesis presents GAMMA, a platform and architecture neutral framework, thatoffers reusable authentication, authorization, and auditing mechanisms by providingdeclarative security mechanisms. Declarative security allows the decoupling ofsecurity logic completely from the application logic, allowing to write highlyflexible, reusable but still security aware software components and applications.Furthermore, this concept is proven by presenting a reference implementation of thisframework which offers several ready-to-use but still extensible authentication,authorization, and auditing mechanisms that can be transparently integrated intoapplications.