An aspect-oriented approach to declarative access control for web applications

Authors:
Kung Chen;Ching-Wei Lin
Affiliations:
Department of Computer Science, National Chengchi University, Wenshan, Taipei, Taiwan;Department of Computer Science, National Chengchi University, Wenshan, Taipei, Taiwan
Venue:
APWeb'06 Proceedings of the 8th Asia-Pacific Web conference on Frontiers of WWW Research and Development
Year:
2006

Citing 7
Cited 4

Role-Based Access Control Models

Computer
Getting started with ASPECTJ

Communications of the ACM
Security Through Aspect-Oriented Programming

Proceedings of the IFIP TC11 WG11.4 First Annual Working Conference on Network Security: Advances in Network and Distributed Systems Security
Advice weaving in AspectJ

Proceedings of the 3rd international conference on Aspect-oriented software development
The Need for Declarative Security Mechanisms

EUROMICRO '04 Proceedings of the 30th EUROMICRO Conference
Instance-level access control for business-to-business electronic commerce

IBM Systems Journal
A practical aspect framework for enforcing fine-grained access control in web applications

ISPEC'05 Proceedings of the First international conference on Information Security Practice and Experience

From Formal Access Control Policies to Runtime Enforcement Aspects

ESSoS '09 Proceedings of the 1st International Symposium on Engineering Secure Software and Systems
From Access Control Policies to an Aspect-Based Infrastructure: A Metamodel-Based Approach

Models in Software Engineering
A transformation contract to generate aspects from access control policies

Software and Systems Modeling (SoSyM)
Adaptive access control enforcement in social network using aspect weaving

DASFAA'12 Proceedings of the 17th international conference on Database Systems for Advanced Applications

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper presents an aspect-oriented approach to declarative access control for Web applications that can not only realize fine-grained access control requirements but also accomplish it with very little runtime overhead. We devise a translation scheme that will automatically synthesize the desired aspect modules from access control rules in XML format and properly designed aspect templates. The generated aspect modules will then be compiled and integrated into the underlying application using standard aspect tools. At runtime, these aspect codes will be executed to enforce the required access control without any runtime interpretation overhead. Future changes of access control rules can also be effectively realized through these mechanisms without actual coding.