Online Version - Last Updated - 20 Jan 2012 |
 |
| Home |
| |
| Procedures and Resources for Authors |
|
| Information and Resources for Volume Editors |
| |
| Orders and Subscriptions |
| |
| Published Articles |
|
| Upcoming Volumes |
| |
| Contact Us |
| |
| Useful External Links |
| |
| CRPIT Site Search |
Flexible Enterprise Access Control with Object-oriented View Specification
Evered, M.
The per-method access control lists of standard middleware technologies allow only simple forms of access control to be expressed and enforced. Given the increasing use of webbased applications involving sensitive data, the increased threat and the stringent requirements of privacy laws, a more flexible and secure approach is needed. In this paper we present a three-step approach to access control involving object-oriented encapsulation, middleware based on a new, more secure access control mechanism and the high-level specification of method-oriented views. We demonstrate the use of the approach in a simple web-based E-commerce environment to provide secure electronic cheques
Cite as: Evered, M. (2003). Flexible Enterprise Access Control with Object-oriented View Specification. In Proc. First Australasian Information Security Workshop (AISW2003), Adelaide, Australia. CRPIT, 21. Johnson, C., Montague, P. and Steketee, C., Eds. ACS. 17-24.
(from crpit.com)
(local if available)
