Tine Verhanneman, F. Piessens, Bart De Win, W. Joosen
{"title":"组织范围策略的统一应用程序级访问控制实施","authors":"Tine Verhanneman, F. Piessens, Bart De Win, W. Joosen","doi":"10.1109/CSAC.2005.59","DOIUrl":null,"url":null,"abstract":"Fine-grained and expressive access control policies on application resources need to be enforced in application-level code. Uniformly enforcing a single policy (referred to as the organizationwide policy) in diverse applications is challenging with current technologies. This is due to a poor delimitation of the responsibilities of application deployer and security officer, which hampers a centralized management of a policy and therefore compromises the uniformity of its enforcement. To address this problem, the concept of an access interface is introduced as a contract between an organization-wide authorization engine and the various applications that need its services. The access interface provides support for the central management of the policy by the security officer. By means of a view connector, the application deployer ensures that each application complies with this contract, so that the policy can be enforced","PeriodicalId":422994,"journal":{"name":"21st Annual Computer Security Applications Conference (ACSAC'05)","volume":"64 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2005-12-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"18","resultStr":"{\"title\":\"Uniform application-level access control enforcement of organizationwide policies\",\"authors\":\"Tine Verhanneman, F. Piessens, Bart De Win, W. Joosen\",\"doi\":\"10.1109/CSAC.2005.59\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Fine-grained and expressive access control policies on application resources need to be enforced in application-level code. Uniformly enforcing a single policy (referred to as the organizationwide policy) in diverse applications is challenging with current technologies. This is due to a poor delimitation of the responsibilities of application deployer and security officer, which hampers a centralized management of a policy and therefore compromises the uniformity of its enforcement. To address this problem, the concept of an access interface is introduced as a contract between an organization-wide authorization engine and the various applications that need its services. The access interface provides support for the central management of the policy by the security officer. By means of a view connector, the application deployer ensures that each application complies with this contract, so that the policy can be enforced\",\"PeriodicalId\":422994,\"journal\":{\"name\":\"21st Annual Computer Security Applications Conference (ACSAC'05)\",\"volume\":\"64 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2005-12-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"18\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"21st Annual Computer Security Applications Conference (ACSAC'05)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CSAC.2005.59\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"21st Annual Computer Security Applications Conference (ACSAC'05)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSAC.2005.59","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Uniform application-level access control enforcement of organizationwide policies
Fine-grained and expressive access control policies on application resources need to be enforced in application-level code. Uniformly enforcing a single policy (referred to as the organizationwide policy) in diverse applications is challenging with current technologies. This is due to a poor delimitation of the responsibilities of application deployer and security officer, which hampers a centralized management of a policy and therefore compromises the uniformity of its enforcement. To address this problem, the concept of an access interface is introduced as a contract between an organization-wide authorization engine and the various applications that need its services. The access interface provides support for the central management of the policy by the security officer. By means of a view connector, the application deployer ensures that each application complies with this contract, so that the policy can be enforced
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
