Program Concept Recognition and Transformation
IEEE Transactions on Software Engineering - Special issue on software maintenance
Security models for web-based applications
Communications of the ACM
FEAT: a tool for locating, describing, and analyzing concerns in source code
Proceedings of the 25th International Conference on Software Engineering
Security Policies to Mitigate Insider Threat in the Document Control Domain
ACSAC '04 Proceedings of the 20th Annual Computer Security Applications Conference
Mylar: a degree-of-interest model for IDEs
Proceedings of the 4th international conference on Aspect-oriented software development
Concern modeling in the concern manipulation environment
MACS '05 Proceedings of the 2005 workshop on Modeling and analysis of concerns in software
ConcernMapper: simple view-based separation of scattered concerns
eclipse '05 Proceedings of the 2005 OOPSLA workshop on Eclipse technology eXchange
NaCIN: an Eclipse plug-in for program navigation-based concern inference
eclipse '05 Proceedings of the 2005 OOPSLA workshop on Eclipse technology eXchange
Cross-artifact traceability using lightweight links
TEFSE '09 Proceedings of the 2009 ICSE Workshop on Traceability in Emerging Forms of Software Engineering
We have met the enemy and he is us
Proceedings of the 2008 workshop on New security paradigms
Co-evolving code and design with intensional views
Computer Languages, Systems and Structures
Explicit Concern-Driven Development with ArchEvol
ASE '09 Proceedings of the 2009 IEEE/ACM International Conference on Automated Software Engineering
Using twinning to adapt programs to alternative APIs
Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering - Volume 1
Identifying crosscutting concerns using historical code changes
Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering - Volume 1
An agenda for concern-oriented software engineering
Proceedings of the FSE/SDP workshop on Future of software engineering research
| Hi-index | 0.00 |
Today's techniques for controlling access to software artifacts are limited to restricting access to whole files and directories. But when a company's access control policy does not match a project's existing physical modularization, these techniques require either an all-or-nothing approach or re-modularization of the files and directories. The increased maintenance overhead this brings to project administration can lead to unimplemented or insufficient developer access control and an increased risk of insider security incidents (e.g., theft of intellectual property). We have created a tool (GitBAC) to provide access control of software artifacts using a crosscutting concern instead of artifact modularization. Our method provides fine-grained access control of artifacts and accommodates flexible access control policies.