Role-Based Access Control Models
Computer
On the validity of the Bell-LaPadula model
Computers and Security
RBAC '97 Proceedings of the second ACM workshop on Role-based access control
On the criteria to be used in decomposing systems into modules
Communications of the ACM
Security Through Aspect-Oriented Programming
Proceedings of the IFIP TC11 WG11.4 First Annual Working Conference on Network Security: Advances in Network and Distributed Systems Security
Organization based access control
POLICY '03 Proceedings of the 4th IEEE International Workshop on Policies for Distributed Systems and Networks
AspectJ in Action: Practical Aspect-Oriented Programming
AspectJ in Action: Practical Aspect-Oriented Programming
A semantics for advice and dynamic join points in aspect-oriented programming
ACM Transactions on Programming Languages and Systems (TOPLAS)
Role-Based Access Control, Second Edition
Role-Based Access Control, Second Edition
Modeling contextual security policies
International Journal of Information Security
An aspect-oriented approach to declarative access control for web applications
APWeb'06 Proceedings of the 8th Asia-Pacific Web conference on Frontiers of WWW Research and Development
Hi-index | 0.00 |
Current social network systems support a large range of applications with very different security requirements. Even if available social network solutions provide some security functionalities, users do not control these functionalities and cannot customize them to handle their specific security needs. In this paper, we suggest a new approach to handle these issues. This approach is based on Aspect Oriented Programming (AOP) which enables the enforcement of an independent, reusable access control policy through the modification of the program at runtime. This makes possible to externalize the security concerns and weave them into an existing social network. Using this approach, it is possible to customize security of social network at different levels. First, one can specify the global security policy of the particular social network application and then, each member of this social network can further refine this global policy to specify their specific security requirements. This approach is illustrated on the open source social network system Elgg.