Title :
GitBAC: Flexible access control for non-modular concerns
Author :
Robinson, Mark ; Niu, Jianwei ; Shonle, Macneil
Author_Institution :
Univ. of Texas at San Antonio, San Antonio, TX, USA
Abstract :
Today´s techniques for controlling access to software artifacts are limited to restricting access to whole files and directories. But when a company´s access control policy does not match a project´s existing physical modularization, these techniques require either an all-or-nothing approach or re-modularization of the files and directories. The increased maintenance overhead this brings to project administration can lead to unimplemented or insufficient developer access control and an increased risk of insider security incidents (e.g., theft of intellectual property). We have created a tool (GitBAC) to provide access control of software artifacts using a crosscutting concern instead of artifact modularization. Our method provides fine-grained access control of artifacts and accommodates flexible access control policies.
Keywords :
authorisation; software maintenance; GitBAC; artifact modularization; company access control policy; fine-grained access control; flexible access control; nonmodular concerns; project administration; software artifact access control; Access control; Conferences; Monitoring; Programming; Servers; Software; Access control; crosscutting concerns; development tools;
Conference_Titel :
Automated Software Engineering (ASE), 2011 26th IEEE/ACM International Conference on
Conference_Location :
Lawrence, KS
Print_ISBN :
978-1-4577-1638-6
DOI :
10.1109/ASE.2011.6100109
