Nothing Special   »   [go: up one dir, main page]
Skip to main content
Springer Nature Link
Log in

An Aspect-Oriented Approach to Declarative Access Control for Web Applications

  • Conference paper
Frontiers of WWW Research and Development - APWeb 2006 (APWeb 2006)

Part of the book series: Lecture Notes in Computer Science ((LNISA,volume 3841))

Included in the following conference series:

Abstract

This paper presents an aspect-oriented approach to declarative access control for Web applications that can not only realize fine-grained access control requirements but also accomplish it with very little runtime overhead. We devise a translation scheme that will automatically synthesize the desired aspect modules from access control rules in XML format and properly designed aspect templates. The generated aspect modules will then be compiled and integrated into the underlying application using standard aspect tools. At runtime, these aspect codes will be executed to enforce the required access control without any runtime interpretation overhead. Future changes of access control rules can also be effectively realized through these mechanisms without actual coding.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Subscribe and save

Springer+ Basic
$34.99 /Month
  • Get 10 units per month
  • Download Article/Chapter or eBook
  • 1 Unit = 1 Article or 1 Chapter
  • Cancel anytime
Subscribe now

Buy Now

Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 189.00
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Similar content being viewed by others

References

  1. The Apache Struts Web Application Framework, http://struts.apache.org/

  2. Beznosov, K., Deng, Y.: Engineering Application-level Access Control in Distributed Systems. In: Handbook of Software Engineering and Knowledge Engineering, vol. 1 (2002)

    Google Scholar 

  3. Chen, K., Huang, C.H.: A Practical Aspect Framework for Enforcing Fine-Grained Access Control in Web Applications. In: Deng, R.H., Bao, F., Pang, H., Zhou, J. (eds.) ISPEC 2005. LNCS, vol. 3439, pp. 156–167. Springer, Heidelberg (2005)

    Chapter  Google Scholar 

  4. De Win, B., Piessens, F., Joosen, W., Verhanneman, T.: On the importance of the separation-of-concerns principle in secure software engineering. In: Workshop on the Application of Engineering Principles to System Security Design (2002)

    Google Scholar 

  5. De Win, B., Vanhaute, B., De Decker, B.: Security Through Aspect-Oriented Programming. In: Advances in Network and Distributed Systems Security, pp. 125–138. Kluwer Academic, Dordrecht (2001)

    Google Scholar 

  6. Fonseca, C.A.: Extending JAAS for Class Instance-Level Authorization. IBM DeveloperWorks (April 2002), http://www-106.ibm.com/developerworks/java/library/j-jaas/

  7. Gamma, Helm, Johnson, Vlissides: Design Patterns. Addison-Wesley, Reading (1995)

    Google Scholar 

  8. Goodwin, R., Goh, S.F., Wu, F.Y.: Instance-level access control for business-to-business electronic commerce. IBM System Journal 41(2) (2002)

    Google Scholar 

  9. Hilsdale, E., Hugunin, J.: Advice Weaving in AspectJ. In: Proceedings of the 3rd International Conference on Aspect-Oriented Software Development, Lancaster, pp. 26–35 (2004)

    Google Scholar 

  10. Kiczales, G., Lamping, J., Menhdhekar, A., Maeda, C., Lopes, C., Loingtier, J.-M., Irwin, J.: Aspect-Oriented Programming. In: Aksit, M., Matsuoka, S. (eds.) ECOOP 1997. LNCS, vol. 1241, pp. 220–242. Springer, Heidelberg (1997)

    Chapter  Google Scholar 

  11. Kiczales, G., Hilsdale, E., Hugunin, J., Kersten, M., Palm, J., Griswold, W.G.: Getting Started with AspectJ. Communications of ACM 44(10), 59–65 (2001)

    Article  Google Scholar 

  12. Lin, C.W.: An Aspect-Oriented Approach to Fine-Grained Access Control for Web Applications. M.S. Thesis, National Chengchi University (July 2005)

    Google Scholar 

  13. Open Web Application Security Project: The Top Ten Most Critical Web Application Security Vulnerabilities, http://www.owasp.org/documentation/topten

  14. Probst, S., Kueng, J.: The Need for Declarative Security Mechanisms. In: IEEE Proceedings of the 30th EUROMICRO Conference (EUROMICRO 2004) (August 2004)

    Google Scholar 

  15. Sandhu, R., Coyne, E., Feinstein, H., Youman, C.: Role-Based Access Control Models. IEEE Computer 29(2), 38–47 (1996)

    Google Scholar 

  16. Sun Microsystems, Java Authentication and Authorization Service (JAAS), http://java.sun.com/products/jaas/index.jsp

  17. Sun Microsystem, Java 2 Platform, Enterprise Edition (J2EE), http://java.sun.com/j2ee/

Download references

Author information

Authors and Affiliations

  1. Department of Computer Science, National Chengchi University, Wenshan, Taipei, 106, Taiwan

    Kung Chen & Ching-Wei Lin

Authors
  1. Kung Chen
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ching-Wei Lin
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. School of ITEE, The University of Queensland, Australia

    Xiaofang Zhou

  2. School of Computer Science and Technology, Heilongjiang University, China

    Jianzhong Li

  3. School of Information Technology and Electrical Engineering, The University of Queensland, Brisbane, QLD, Australia

    Heng Tao Shen

  4. Institute of Industrial Science, The University of Tokyo, 4-6-1 Komaba, Meguro-ku, 153-8505, Tokyo, Japan

    Masaru Kitsuregawa

  5. Victoria University, Australia

    Yanchun Zhang

Rights and permissions

Reprints and permissions

Copyright information

© 2006 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Chen, K., Lin, CW. (2006). An Aspect-Oriented Approach to Declarative Access Control for Web Applications. In: Zhou, X., Li, J., Shen, H.T., Kitsuregawa, M., Zhang, Y. (eds) Frontiers of WWW Research and Development - APWeb 2006. APWeb 2006. Lecture Notes in Computer Science, vol 3841. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11610113_17

Download citation

  • DOI: https://doi.org/10.1007/11610113_17

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-31142-3

  • Online ISBN: 978-3-540-32437-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation