access control active software capabilities policy models
Trinity College Dublin, Department of Computer Science
Abendroth, Joerg; Jensen, Christian D.. 'A Unified Security Framework for Networked Applications'. - Dublin, Trinity College Dublin, Department of Computer Science, TCD-CS-2003-11, 2003, pp7
Computer Science Technical Report TCD-CS-2003-11
Various security models have been proposed for different
types of applications and numerous types of execution environments.
These models are typically reinforced by adding
code to the application, which authenticates principals, authorises
operations and establishes secure communication
among distributed software components (e.g., clients and
servers). This code is often application and context-specific,
which makes it difficult to integrate an application with
other each other.
In this paper we propose a new unified access control
mechanism that supports most of the existing security models
and offers a number of additional controls that are not
normally provided by security mechanisms. Moreover, the
proposed mechanism integrates well with existing programming
paradigms for distributed application, e.g., client/server
technology and component based programming. This means
that it can be seamlessly integrated with most existing distributed
applications. We have implemented the proposed
mechanism in a framework, that can be instantiated to implement
different security models and policies. We present
a qualitative evaluation that demonstrates the framework's
ability to support a wide range of security policies and a
preliminary performance evaluation of the framework.
Please note: There is a known bug in some browsers that causes an
error when a user tries to view large pdf file within the browser window.
If you receive the message "The file is damaged and could not be
repaired", please try one of the solutions linked below based on the
browser you are using.
Items in TARA are protected by copyright, with all rights reserved, unless otherwise indicated.