Implementing role-based access control using object technology
RBAC '95 Proceedings of the first ACM Workshop on Role-based access control
Inside Java 2 platform security architecture, API design, and implementation
Inside Java 2 platform security architecture, API design, and implementation
The grand challenge of Trusted Components
Proceedings of the 25th International Conference on Software Engineering
The role of the self-defending object concept in developing distributed security-aware applications
ACISP'06 Proceedings of the 11th Australasian conference on Information Security and Privacy
Adaptive data protection in distributed systems
Proceedings of the third ACM conference on Data and application security and privacy
Adaptive data management for self-protecting objects in cloud computing systems
Proceedings of the 8th International Conference on Network and Service Management
Hi-index | 0.00 |
The self defending object (SDO) approach to the development of security aware applications represents a change in the object oriented paradigm, whereby the software objects that encapsulate sensitive data or provide security sensitive functionality are responsible for its protection. Such an approach aims at defining and testing new concepts related to the growing requirements for information assurance in information systems. It involves a shift in the way in which application developers look at objects. Rather than acting as containers and dispensers of data, software objects become actively responsible for the protection of that data. By basing the design of security aware applications on the SDO concept, the provision of application specific, user centric, access control is simplified. When using the SDO approach, the access control mechanisms are localized within those objects that encapsulate sensitive data and functionality rather than being distributed throughout the application. Consequently, security measures are consistently applied and are not bypassable.The major contribution of this paper is to discuss how the SDO concept that was introduced in (Holford, Caelli & Rhodes 2003), can be used in the development of security aware applications. It begins by briefly presenting the rationale behind the SDO concept and its applicability to software design. It continues with a discussion of the experiences gained from using the SDO concept in the development of prototype security aware applications in the Java™ language and concludes by outlining future work aimed at extending the concept to the provision of 'self defending' software components and finding solutions for the trusted deployment of such components.