Title :
Generation of Role Based Access Control Security Policies for Java Collaborative Applications
Author :
Briffaut, J. ; Kauffmann-Tourkestansky, X. ; Lalande, J.-F. ; Smari, W.W.
Author_Institution :
LIFO - EA 402, ENSI de Bourges, Bourges, France
Abstract :
Java collaborative applications are increasingly and widely used in the form of applets or servlets, as a way to easily download and execute small programs on one´s computer. However, security associated with these downloaded applications, even if it exists, is not easily manageable. Most of the time, it relies on the user´s ability to define a security policy for his virtual machine, which is undesirable. This paper proposes to integrate an RBAC mechanism for any Java application. It introduces a simple tag process that allows the developer to incorporate the appropriate policy in the source code of his application. The user is endowed with the ability to choose a role that corresponds to the required level of trust required in order for him to embed the policy in the executed code. A case study of a collaborative application shows how works the proposed API for managing roles, generating policies and logging in. At the end, a discussion about the dynamic enforcement of the generated policies is presented.
Keywords :
Java; application program interfaces; authorisation; virtual machines; Java collaborative applications; RBAC mechanism; application program interface; role based access control security policies; tag process; virtual machine; Access control; Application software; Collaboration; Collaborative work; Data security; Information security; Java; Operating systems; Permission; Virtual machining; RBAC; collaborative applications; java;
Conference_Titel :
Emerging Security Information, Systems and Technologies, 2009. SECURWARE '09. Third International Conference on
Conference_Location :
Athens, Glyfada
Print_ISBN :
978-0-7695-3668-2
DOI :
10.1109/SECURWARE.2009.41
