Title :
User authentication and authorization in the JavaTM platform
Author :
Lai, Charlie ; Gong, Li ; Koved, Larry ; Nadalin, Anthony ; Schemers, Roland
Author_Institution :
SunMicrosyst. Ine., USA
Abstract :
JavaTM security technology originally focused on creating a safe environment in which to run potentially untrusted code downloaded from the public network. With the latest release of the Java TM platform (the JavaTM 2 Software Development Kit, v 1.2), fine-grained access controls can be placed upon critical resources with regard to the identity of the running applets and applications, which are distinguished by where the code came from and who signed it. However, the Java platform still lacks the means to enforce access controls based on the identity of the user who runs the code. In this paper we describe the design and implementation of the JavaTM Authentication and Authorization Service (JAAS), a framework and programming interface that augments the JavaTM platform with both user-based authentication and access control capabilities
Keywords :
Java; application program interfaces; authorisation; message authentication; Java Authentication and Authorization Service; Java platform; Java security technology; applets; applications; authorization; fine-grained access control; programming interface; public network; untrusted code; user authentication; Access control; Application software; Authentication; Authorization; Identity-based encryption; Java; Permission; Read only memory; Security; Sun;
Conference_Titel :
Computer Security Applications Conference, 1999. (ACSAC '99) Proceedings. 15th Annual
Conference_Location :
Phoenix, AZ
Print_ISBN :
0-7695-0346-2
DOI :
10.1109/CSAC.1999.816038
