Design patterns: elements of reusable object-oriented software
Design patterns: elements of reusable object-oriented software
Proposed NIST standard for role-based access control
ACM Transactions on Information and System Security (TISSEC)
Java Data Objects
The management of users, roles, and permissions in JDOSecure
PPPJ '06 Proceedings of the 4th international symposium on Principles and practice of programming in Java
Using JDOSecure to introduce role-based permissions to java data objects-based applications
DEXA'06 Proceedings of the 17th international conference on Database and Expert Systems Applications
Usage of JSF framework and EJB technology in the creation of corporate applications
Annales UMCS, Informatica
| Hi-index | 0.00 |
The concept of declarative security allows the separation of security concerns from business logic and enables the development of highly flexible and secure applications. Whereas Hibernate and the Enterprise Java Beans specification provide sufficient authentication and authorization functionalities in the context of object persistence, the Java Data Objects (JDO) specification designed as a lightweight persistence approach doesn't provide any declarative security capabilities. The novel security approach, JDOSecure, introduces a role-based permission system to the JDO persistence layer, which is based on the Java Authentication and Authorization Service (JAAS). JDOSecure is based on the dynamic proxy approach and ensures the collaboration with any JDO implementation. It comprises a management solution for users, roles, and permissions and allows storing the authentication and authorization information in any arbitrary JDO resource. Furthermore, a Java-based administration utility with a graphical user interface simplifies the maintenance of security privileges and permissions.