Sciweavers

ACSW
2003

Flexible Enterprise Access Control with Object-oriented View Specification

14 years 27 days ago
Flexible Enterprise Access Control with Object-oriented View Specification
The per-method access control lists of standard middleware technologies allow only simple forms of access control to be expressed and enforced. Given the increasing use of webbased applications involving sensitive data, the increased threat and the stringent requirements of privacy laws, a more flexible and secure approach is needed. In this paper we present a three-step approach to access control involving object-oriented encapsulation, middleware based on a new, more secure access control mechanism and the high-level specification of method-oriented views. We demonstrate the use of the approach in a simple web-based E-commerce environment to provide secure electronic cheques.
Mark Evered
Added 31 Oct 2010
Updated 31 Oct 2010
Type Conference
Year 2003
Where ACSW
Authors Mark Evered
Comments (0)