Sciweavers

ISPEC
2005
Springer

A Practical Aspect Framework for Enforcing Fine-Grained Access Control in Web Applications

14 years 5 months ago
A Practical Aspect Framework for Enforcing Fine-Grained Access Control in Web Applications
Abstract. Access control is a system-wide concern that has both a generic nature and an application dependent characteristic. It is generic as many functions must be protected with restricted access, yet the rule to grant a request is highly dependent on the application state. Hence it is common to see the code for implementing access control scattered over the system and tangled with the functional code, making the system difficult to maintain. This paper addresses this issue for Web applications by presenting a practical access control framework based on aspect-oriented programming (AOP). Our approach accommodates a wide range of access control requirements of different granularity. AOP supports the modular implementation of access control while still enables the code to get a hold of the application state. Moreover, framework technology offers a balanced view between reuse and customization. As a result, our framework is able to enforce fine-grained access control for Web applicatio...
Kung Chen, Chih-Mao Huang
Added 28 Jun 2010
Updated 28 Jun 2010
Type Conference
Year 2005
Where ISPEC
Authors Kung Chen, Chih-Mao Huang
Comments (0)