ISBN-13: 9783639018905 / Angielski / Miękka / 2008 / 144 str.
For software applications in domains such as healthcare, the sensitivity of the data processed is such that access must be restricted to authorized users. These applications require a fine-granular enforcement of a context-based access control policy to control access to an asset, based on contextual information that is related to the access request. Due to the complexity and scale of contemporary software systems, the integration of context-based access control in an application constitutes a major engineering challenge. It is hard to obtain uniform access control enforcement in the numerous applications that are deployed within an organization. Moreover, access control solutions must support evolution of the policy and its enforcement to address changing requirements. This work presents an assessment and the limitations of state-of-the art access control technologies. To overcome these shortcomings, a modular access control service is presented, which supports a fine-granular enforcement of context-based policies. This book will be of interest for IT experts, computer scientists and readers who are interested in software security, and aspect-oriented software development."
For software applications in domains such as healthcare, the sensitivity of the data processed is such that access must be restricted to authorized users. These applications require a fine-granular enforcement of a context-based access control policy to control access to an asset, based on contextual information that is related to the access request. Due to the complexity and scale of contemporary software systems, the integration of context-based access control in an application constitutes a major engineering challenge. It is hard to obtain uniform access control enforcement in the numerous applications that are deployed within an organization. Moreover, access control solutions must support evolution of the policy and its enforcement to address changing requirements. This work presents an assessment and the limitations of state-of-the art access control technologies. To overcome these shortcomings, a modular access control service is presented, which supports a fine-granular enforcement of context-based policies.This book will be of interest for IT experts, computer scientists and readers who are interested in software security, and aspect-oriented software development.