ProActive caching: a framework for performance optimized access control evaluations

  • Authors:

  • Mathias Kohler;Robert Fies

  • Affiliations:

  • SAP Research, Karlsruhe, Germany;SAP Research, Karlsruhe, Germany

  • Venue:
  • POLICY'09 Proceedings of the 10th IEEE international conference on Policies for distributed systems and networks
  • Year:
  • 2009

Quantified Score

Hi-index 0.01

Visualization

Abstract

Users expect that systems react instantly. This is specifically the case for user-centric workflows running in multi-layered enterprise system landscapes which demand finegrained access control mechanisms and support for dynamic security policies. Thus, efficient evaluation of security policies becomes an important factor for the overall system performance. Caching approaches may help to address this issue. In previous work we introduced ProActive Caching as an approach that consists of two phases: first, in an online phase, we automatically determine a workflow-specific heuristic for pre-computing and caching access decisions during a process execution. Second, in an online phase, we use the determined heuristic for the cache management. Hence, ProActive Caching provides a framework which is able to pre-compute access decisions based on an offline analysis of the system. In this paper we present a demonstrator for this framework. It comprises a tool for generating the workflow-specific heuristics, as well as a ProActive Caching enabled business process system which uses the generated heuristics for pre-computing access decisions during process execution. An additional performance monitor shows the performance increase of the system.