Generation of Role Based Access Control Security Policies for Java Collaborative Applications

Java collaborative applications are increasingly and widely used in the form of applets or servlets, as a way to easily download and execute small programs on one´s computer. However, security associated with these downloaded applications, even if it exists, is not easily manageable. Most of the time, it relies on the user´s ability to define a security policy for his virtual machine, which is undesirable. This paper proposes to integrate an RBAC mechanism for any Java application. It introduces a simple tag process that allows the developer to incorporate the appropriate policy in the source code of his application. The user is endowed with the ability to choose a role that corresponds to the required level of trust required in order for him to embed the policy in the executed code. A case study of a collaborative application shows how works the proposed API for managing roles, generating policies and logging in. At the end, a discussion about the dynamic enforcement of the generated policies is presented.