Secure scripting based composite application development: Framework, architecture, and implementation

Author

Dinkelaker, Tom ; Johnstone, Alisdair ; Karabulut, Yuecel ; Nassi, Ike

Author_Institution

SAP Labs., SAP Res. Center Palo Alto, Palo Alto, CA

fYear

2007

fDate

12-15 Nov. 2007

Firstpage

85

Lastpage

94

Abstract

Dynamic scripting languages such as Ruby provide language features that enable developers to express their intent more rapidly and with fewer expressions. Organizations started using these languages in order to add enhancements to their existing applications or create composite applications. Current research has not yet addressed how security specification and enforcement can be done for scripting based application development. To fill this gap, we developed a framework for the design and facilitation of security. Our approach enables a business oriented application developer to add high-level security intentions to his business process model. The framework supports the automatic generation of security configuration and enforcement. As a proof-of-concept, we present an architecture and report the implementation status.

Keywords

security of data; business oriented application; composite application development; high-level security intentions; secure scripting; security automatic generation; Application software; Companies; Data security; Functional programming; Java; Logic; Packaging; Programming profession; User interfaces; Web services; composite application; scripting; security;

fLanguage

English

Publisher

ieee

Conference_Titel

Collaborative Computing: Networking, Applications and Worksharing, 2007. CollaborateCom 2007. International Conference on

Conference_Location

New York, NY

Print_ISBN

978-1-4244-1318-8

Electronic_ISBN

978-1-4244-1317-1

Type

conf

DOI

10.1109/COLCOM.2007.4553815

Filename

4553815