Role-based access control in Java

As the Java platform is becoming attractive and convenient for the construction of cross-platform clientserver applications, the problem of developing and managing effective security policies in that environment becomes critical. This paper analyzes the security features provided by the new Java platform in order to identify how it is possible to improve them by providing state-of-the-art role-based access control mechanisms.

[1]  Dan S. Wallach,et al.  Extensible security architectures for Java , 1997, SOSP.

[2]  Dan S. Wallach,et al.  Understanding Java stack inspection , 1998, Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186).

[3]  Gary McGraw,et al.  Java Security , 1996 .

[4]  Ravi S. Sandhu,et al.  Role-Based Access Control Models , 1996, Computer.

[5]  Aviel D. Rubin,et al.  Blocking Java applets at the firewall , 1997, Proceedings of SNDSS '97: Internet Society 1997 Symposium on Network and Distributed System Security.

[6]  L. Gong,et al.  Experience with secure multi-processing in Java , 1998, Proceedings. 18th International Conference on Distributed Computing Systems (Cat. No.98CB36183).

[7]  Karen R. Sollins,et al.  Expanding and Extending the Security Features of Java , 1998, USENIX Security Symposium.

[8]  D. Richard Kuhn,et al.  Future directions in role-based access control , 1996, RBAC '95.

[9]  David R. Kuhn,et al.  Role-Based Access Control (RBAC): Features and Motivations | NIST , 1995 .

[10]  Gary McGraw,et al.  Java security: hostile applets, holes&antidotes , 1997 .

[11]  Elisa Bertino,et al.  A new Authorization Model for Object-Oriented Databases , 1994, DBSec.

[12]  Pietro Iglio,et al.  A formal model for role-based access control with constraints , 1996, Proceedings 9th IEEE Computer Security Foundations Workshop.

[13]  D. Richard Kuhn,et al.  Role-Based Access Control ( RBAC ) : Features and Motivations , 2014 .

[14]  Elisa Bertino,et al.  A flexible model supporting the specification and enforcement of role-based authorization in workflow management systems , 1997, RBAC '97.

[15]  Atul Prakash,et al.  Requirements of role-based access control for collaborative systems , 1996, RBAC '95.