Software engineering for security: a roadmap
Proceedings of the Conference on The Future of Software Engineering
Conquering aspects with Caesar
Proceedings of the 2nd international conference on Aspect-oriented software development
ECOOP '01 Proceedings of the 15th European Conference on Object-Oriented Programming
Access control with IBM Tivoli access manager
ACM Transactions on Information and System Security (TISSEC)
A Resource Access Decision Service for CORBA-Based Distributed Systems
ACSAC '99 Proceedings of the 15th Annual Computer Security Applications Conference
Uniform Application-level Access Control Enforcement of Organizationwide Policies
ACSAC '05 Proceedings of the 21st Annual Computer Security Applications Conference
From Formal Access Control Policies to Runtime Enforcement Aspects
ESSoS '09 Proceedings of the 1st International Symposium on Engineering Secure Software and Systems
International Journal of Information and Computer Security
A system of patterns for reusable aspect libraries
Transactions on aspect-oriented software development VIII
| Hi-index | 0.00 |
Ideally, the enforcement of application-specific policies in an access control service should be untangled from the application logic. The access control services that are provided in state-of-the-art application servers typically fail to support such a separation. Aspect-Oriented Software Development techniques can be used to alleviate such shortcomings. This paper describes the design and implementation of a modular access control service that improves the separation between application logic and access control. The prototype has been implemented in CaesarJ.