Reusable components for developing security-aware applications
S. Probst, T. Ziebermayr, W. Essmayr. Reusable components for developing security-aware applications. pages 239-248, 12, 2002. | |
Autoren | |
Buch | Proc. 18th Annual Computer Security Applications Conf. (ACSAC 2002). |
Typ | In Konferenzband |
Verlag | IEEE Computer Society |
ISBN | 0-7695-1828-1 |
Monat | 12 |
Jahr | 2002 |
Seiten | 239-248 |
Abstract | Today, security is considered to be an important aspect of multi-tier application development. Thoroughly researched concepts for access control exist and have been proven in mainframe computing. However, they are often not used in today’s development of multi-tier applications. One reason may be the lack of appropriate reusable components that support application developers that frequently have to re-invent the wheel when it comes to access controls. The goal of this paper is to promote awareness of security issues when developing applications and to illustrate a suitable approach for that. Our framework called GAMMA (Generic Authorization Mechanisms for Multi-Tier Applications) offers several authentication, access control, and auditing mechanisms. Access control models can be combined or used simultaneously in order to provide application-specific and highly customizable mechanisms. Moreover, due to its component-based structure, new security models and additional approaches for authentication or auditing can easily be added. |