A declarative authentication and authorization framework for convergent IMS/Web application servers based on aspect oriented code injection

Fernández, Luis Vicente Doncel; Carrillo, Micael Gallego; Pelaez, J.; Fernández, Fernando Nieto

doi:10.1109/imsaa.2008.4753912

Cited by 1 publication

(1 citation statement)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Even though the authors recognize the importance of separation of concerns in their work, they focus on showing techniques on the implementation level, detailing how to combine AOP with Spring Security. However, their approach is representative of other solutions based on AOP [39] [40], which covers modularization of crosscutting concerns (REQ03), transparent interception mechanism (REQ02), and it also offers a simple form of RuBAC (REQ01). The other architectural requirements presented in Table I are not covered.…”

Section: Academic Authorization Frameworkmentioning

confidence: 99%

A Modularity and Extensibility Analysis on Authorization Frameworks

Guerra

Silva

Fernandes

2016

J. Inf. Secur. Cryptogr.

View full text Add to dashboard Cite

Authorization in its most basic form can be reduced to a simple question: “May a subject X access an object Y?” The attempt to implement an adequate response to this authorization question has produced many access control models and mechanisms. The development of the authorization mechanisms usually employs frameworks, which usually implements one access control model, as a way of reusing larger portions of software. However, some authorization requirements, present on recent applications, have demanded for software systems to be able to handle security policies of multiple access control models. Industry has resolved this problem in a pragmatic way, by using the framework to solve part of the problem, and mingling business and the remaining authorization concerns into the code. The main goal of this paper is to present a comparative analysis between the existing frameworks developed either within the academic and industry environments. This analysis uses a motivating example to present the main industry frameworks and consider the fulfillment of modularity, extensibility and granularity requirements facing its suitability for the existing access control models. This analysis included the Esfinge Guardian framework, which is an open source framework developed by the authors that provides mechanisms that allows its extension to implement and combine different authorization models.

show abstract

Section: Academic Authorization Frameworkmentioning

confidence: 99%