Improving the aircraft design process using Web-based modeling and simulation
ACM Transactions on Modeling and Computer Simulation (TOMACS)
Secure virtual enclaves: Supporting coalition use of distributed application technologies
ACM Transactions on Information and System Security (TISSEC)
Model-Carrying Code (MCC): a new paradigm for mobile-code security
Proceedings of the 2001 workshop on New security paradigms
Object Security Attributes: Enabling Application-Specific Access Control in Middleware
On the Move to Meaningful Internet Systems, 2002 - DOA/CoopIS/ODBASE 2002 Confederated International Conferences DOA, CoopIS and ODBASE 2002
Policy-Driven Management of Agent Systems
POLICY '01 Proceedings of the International Workshop on Policies for Distributed Systems and Networks
DPS: An Architectural Style for Development of Secure Software
InfraSec '02 Proceedings of the International Conference on Infrastructure Security
Security Issues in the ABELS System for Linking Distributed Simulations
ANSS '03 Proceedings of the 36th annual symposium on Simulation
Protecting Java component integrity against Trojan Horse programs
Integrity and internal control in information systems V
An Approach for Modeling and Analysis of Security System Architectures
IEEE Transactions on Knowledge and Data Engineering
Role-Based Access Controls: Status, Dissemination, and Prospects for Generic Security Mechanisms
Electronic Commerce Research
A systematic approach to static access control
ACM Transactions on Programming Languages and Systems (TOPLAS)
Formal specification and analysis of JAAS framework
Proceedings of the 2006 international workshop on Software engineering for secure systems
Infrastructural Support for Enforcing and Managing Distributed Application-Level Policies
Electronic Notes in Theoretical Computer Science (ENTCS)
AOSecBuilder: an aspect-oriented security component
AIC'06 Proceedings of the 6th WSEAS International Conference on Applied Informatics and Communications
Security Challenges in Adaptive e-Health Processes
SAFECOMP '08 Proceedings of the 27th international conference on Computer Safety, Reliability, and Security
Program Transformations under Dynamic Security Policies
Electronic Notes in Theoretical Computer Science (ENTCS)
Interactive selection of Web services under multiple objectives
Information Technology and Management
A user authentication model for the OSGi service platform
AsiaSim'04 Proceedings of the Third Asian simulation conference on Systems Modeling and Simulation: theory and applications
Towards remote policy enforcement for runtime protection of mobile code using trusted computing
IWSEC'06 Proceedings of the 1st international conference on Security
Practical out-of-band authentication for mobile applications
Proceedings of the Industrial Track of the 13th ACM/IFIP/USENIX International Middleware Conference
| Hi-index | 0.00 |
Java(TM) security technology originally focused on creating a safe environment in which to run potentially untrusted code downloaded from the public network. With the latest release of the Java(TM) Platform (the Java(TM) 2 Software Development Kit, v 1.2), fine-grained access controls can be placed upon critical resources with regard to the identity of the running applets and applications, which are distinguished by where the code came from and who signed it. However, the Java platform still lacks the means to enforce access controls based on the identity of the user who runs the code. In this paper, we describe the design and implementation of the Java(TM) Authentication and Authorization Service (JAAS), a framework and programming interface that augments the Java(TM) platform with both user-based authentication and access control capabilities.