About: Java Authentication and Authorization Service is a research topic. Over its lifetime, 18 publications have been published within this topic, receiving 228 citations.
TL;DR: This paper describes a role-based access control authorization architecture for authorizing access to resource objects in an object-oriented programming environment, in which users and other subjects are assigned membership in one or more roles, and appropriate permissions or privileges to access resource objects are granted to those roles.
Abstract: An authorization architecture for authorizing access to resource objects in an object-oriented programming environment. In one distributed environment, the permission model of JAAS (Java Authentication and Authorization Service) is replaced or enhanced with role-based access control. Thus, users and other subjects (e.g., pieces of code) are assigned membership in one or more roles, and appropriate permissions or privileges to access resource objects are granted to those roles. Permissions may also be granted directly to users. Roles may be designed to group users having similar functions, duties or similar requirements for accessing the resources. Roles may be arranged hierarchically, so that users explicitly assigned to one role may indirectly be assigned to one or more other roles (i.e., descendants of the first role). A realm or domain may be defined as a namespace, in which one or more role hierarchies are established.
TL;DR: This paper discusses some specific security solutions based on Java 2 Enterprise Edition (J2EE) architecture and JBoss 3.0 application server, aspect-oriented programming with AspectJ, and security requirements in component based systems.
Abstract: The goal of the paper is to show that aspect-oriented security provides very powerful mechanisms which could enhance container-managed security. Security of container-based systems usually depends on security mechanisms provided by containers in which the components run. The security functionality of containers is often limited and hard to modify. Aspect-oriented programming (AOP) allows weaving a security aspect into a component-based application, providing additional security functionality or introducing completely new security mechanisms. Implementation of security with AOP is a flexible method to develop separated, extensible and reusable pieces of code called aspects. In this paper we discuss some specific security solutions based on Java 2 Enterprise Edition (J2EE) architecture [1] and JBoss 3.0 application server [2], aspect-oriented programming with AspectJ 1.1 [3], Java Authentication and Authorization Service API (JAAS) [4] and Resource Access Decision Facility (RAD) [5]. First, the security requirements in component-based systems are discussed. Next, container-managed and aspect-oriented security mechanisms are presented in more detail. Then, to demonstrate and compare techniques of implementation of different security mechanisms, we will use a simplified pseudo-banking application (written with EJB).
TL;DR: A formal specification of the Java 2 and JAAS access control model is provided that helps remove ambiguities of the informal definitions and defines Java 2 access control in terms of an abstract machine, whose behavior is determined by a small set of transition rules.
Abstract: Java 2 Security enhanced with the Java Authentication and Authorization Service (JAAS) provides sophisticated access control features via a user-configurable authorization policy. Fine-grained access control, code-based as well as user-based authorization, and implicit access rights allow the implementation of real-world policies, but at the cost of increased complexity. We provide a formal specification of the Java 2 and JAAS access control model that helps remove ambiguities of the informal definitions. It defines Java 2 access control in terms of an abstract machine, whose behavior is determined by a small set of transition rules. We illustrate the power of Java 2 access control by showing how commonly encountered authorization requirements can be implemented in Java 2.
TL;DR: This demo presents a tool to generate code from verified Role-Based Access Control properties defined using UMLsec, producing either Java code alone or Java code for the UML model together with AspectJ code for enforcing said RBA properties.
Abstract: This demo presents a tool to generate code from verified Role-Based Access Control properties defined using UMLsec. It can either generate Java code, or generate Java code for the UML model and AspectJ code for enforcing said RBA properties. Both approaches use the Java Authentication and Authorization Service (JAAS) to enforce access control.