The concept of declarative security separates security concerns from business logic and enables the development of highly flexible and secure applications. Whereas Hibernate and the Enterprise Java Beans specification provide sufficient authentication and authorization functionality in the context of object persistence, the Java Data Objects (JDO) specification, designed as a lightweight persistence approach, does not provide any declarative security capabilities. The novel security approach, JDOSecure, introduces a role-based permission system to the JDO persistence layer, based on the Java Authentication and Authorization Service (JAAS). JDOSecure uses the dynamic proxy approach, which allows it to work with any JDO implementation. It includes a management solution for users, roles, and permissions and allows the authentication and authorization information to be stored in any arbitrary JDO resource. Furthermore, a Java-based administration utility with a graphical user interface simplifies the maintenance of security privileges and permissions.
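The dynamic proxy approach named above can be sketched as follows. This is an added example, not JDOSecure's own code: the `PM` interface is a hypothetical stand-in for the `javax.jdo.PersistenceManager` methods being guarded, and the `POLICY` map, its entry format, and the `Order` class are assumptions made for illustration.

```java
import java.lang.reflect.*;
import java.security.Principal;
import java.util.*;
import javax.security.auth.Subject;
public class ProxyGuardDemo {
    // Hypothetical stand-in for the javax.jdo.PersistenceManager methods guarded here.
    interface PM {
        Object makePersistent(Object o);
        void deletePersistent(Object o);
    }
    static class Order {}
    // Assumed policy format: role name -> permitted "<method>:<class simple name>" entries.
    static final Map<String, Set<String>> POLICY = Map.of(
        "editor", Set.of("makePersistent:Order"),
        "admin", Set.of("makePersistent:Order", "deletePersistent:Order"));

    // Wraps any PM implementation; each PM call is authorized before it is delegated.
    static PM guard(PM target, Subject subject) {
        InvocationHandler h = (proxy, method, args) -> {
            // equals/hashCode/toString carry no persistence action; pass them through.
            if (method.getDeclaringClass() == Object.class) return method.invoke(target, args);
            String needed = method.getName() + ":" + args[0].getClass().getSimpleName();
            boolean allowed = subject.getPrincipals().stream()
                .map(Principal::getName)
                .anyMatch(role -> POLICY.getOrDefault(role, Set.of()).contains(needed));
            // Fail closed: unknown roles and unlisted operations are denied.
            if (!allowed) throw new SecurityException("denied: " + needed);
            try {
                return method.invoke(target, args);
            } catch (InvocationTargetException e) {
                throw e.getCause(); // surface the wrapped implementation's own exception
            }
        };
        return (PM) Proxy.newProxyInstance(PM.class.getClassLoader(), new Class<?>[] {PM.class}, h);
    }

    public static void main(String[] a) {
        PM raw = new PM() { // constructed in-memory implementation, no real datastore
            public Object makePersistent(Object o) { return o; }
            public void deletePersistent(Object o) {}
        };
        Subject editor = new Subject();
        editor.getPrincipals().add(() -> "editor"); // role modelled as a JAAS Principal
        PM pm = guard(raw, editor);
        pm.makePersistent(new Order()); // permitted for the editor role
        try { pm.deletePersistent(new Order()); } // not in the editor role's permissions
        catch (SecurityException e) { System.out.println(e.getMessage()); }
    }
}
```

Because the check lives in the invocation handler rather than in the wrapped object, the business code calling `pm` contains no authorization logic, and the same guard applies to whichever implementation sits behind the interface.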