Architectural Separation of Authorization and Application Logic in...
Security is an essential feature and foremost concern to enterprise software systems. Today, application-level access control (and other security) functions are based on complex, fine-grain and/or...
View ArticleArchitecture-Centered Composition of Adaptive and Dependable Enterprise...
Security is an essential feature and foremost concern to enterprise software systems. Today, application-level security functions, e.g. access control based on complex, fine-grain and/or context...
View ArticleAttribute Function: an Enabler for Effective Inexpensive Application-specific...
Security is an essential feature and foremost concern to Internet and enterprise distributed software applications. However, the adoption of secure distributed applications by commercial and government...
View ArticleCORBAmed Security White Paper
The issue of security in healthcare has been discussed from a variety of perspectives at many CORBAmed meetings. This report focuses on the practical topic of how CORBAmed RFPs for services can go...
View ArticleCPR Security CORBA-based Security and Intranet Services
Intranet information services based on such technologies as WWW will continue to grow. Not every intranet service is and will be based on CORBA architecture. Some will continue to utilize plain...
View ArticleDesign
Learning objectives: * understand the principles of engineering secure systems. * make effective use of security constructs provided by current technologies. * trade off security against useability...
View ArticleDesign and Implementation of Resource Access Decision Server
Decoupling authorization decision logic enables implementation of complex and consistent access control policies across heterogeneous systems. However, this is difficult, if not impossible to implement...
View ArticleEngineering Application-level Access Control in Distributed Systems
This chapter discusses issues of engineering access control solutions in distributed applications for enterprise computing environments. It reviews application-level access control available in...
View ArticleEnterprise Security with EJB™ and CORBA®
This book shows you how to apply enterprise security integration (ESI) to secure your enterprise from end-to-end, using theory, examples, and practical advice. We present material on how to use the...
View ArticleExperience Report: Design and Implementation of a Component-Based Protection...
This presentation reflects, from a software engineering perspective, on the experience of designing and implementing protection mechanisms for ASP.NET Web services. The limitations of Microsoft ASP.NET...
View ArticleeXtreme Security Engineering: On Employing XP Practices to Achieve “Good...
This paper examines practices of eXtreme Programming (XP) on the subject of their application to the development of security solutions. We introduce eXtreme Security Engineering (XSE), an application...
View ArticleeXtreme Security Engineering: On Employing XP Practices to Achieve “Good...
This presentation examines practices of eXtreme Programming (XP) on the subject of their application to the development of security solutions. We introduce eXtreme Security Engineering (XSE), an...
View ArticleFlooding and Recycling Authorizations
The request-response paradigm used for access control solutions commonly leads to point-to-point (PTP) architectures with security enforcement logic obtaining decisions from the authorization servers...
View ArticleHere’s Your Lego™ Security Kit: How to Give Developers All Protection...
By presenting a protection architecture for ASP.NET Web services, this paper demonstrates the feasibility of creating middleware mechanisms in the form of composable, flexible, and extensible building...
View ArticleIssues in the Security Architecture of the Computerized Patient Record...
We discuss issues in CPR enterprise security architecture. The main goal is to provide a security environment where a user will be viewed the same across all enterprise systems, and access control...
View ArticleIssues in the Security Architecture of the Computerized Patient Record...
We discuss issues in CPR enterprise security architecture. The main goal is to provide a security environment where a user will be viewed the same across all enterprise systems, and access control...
View ArticleIssues in the Security Architecture of the Computerized Patient Record...
We discuss issues in CPR enterprise security architecture. The main goal is to provide a security environment where a user will be viewed the same across all enterprise systems, and access control...
View ArticleJAMES: Junk Authorizations for Massive-scale Enterprise Services
The request-response paradigm used for distributed access control solutions commonly leads to point-to-point (PTP) architectures with security enforcement logic obtaining decisions from the...
View ArticleMethod and System for Authorization and Access to Protected Resources
The present invention relates to the access of data resources using a Resource Access Decision Facility (RAD), preferably a CORBA RAD. More particularly, embodiments of the present invention provide...
View ArticleMiddleware and Web Services Security
Challenges of designing secure distributed applications are due to distribution, scale and object orientation. We will discuss the functionalities and capabilities of the security mechanisms of today...
View ArticleMiddleware and Web Services Security Mechanisms
Learning objectives: Gain a working knowledge of the security mechanisms of current Middleware and Web Services technologies. Overview: Challenges of designing secure distributed applications are due...
View ArticleObject Security Attributes: Enabling Application-specific Access Control in...
This paper makes two primary contributions toward establishing support for application-specific factors in middleware security mechanisms. First, it develops a simple classification framework for...
View ArticleObject Security Attributes: Enabling Application-specific Access Control in...
This presentation makes two primary contributions toward establishing support for application-specific factors in middleware security mechanisms. First, it develops a simple classification framework...
View ArticleOfficial Requirements and Recommendations from Various Organizations on...
This report describes recommendations and official requirements from various organizations that guide architecture of CPR security at BHSSF.
View ArticleApplying Aspect-Orientation in Designing Security Systems: A Case Study
As a security policy model evolves, the design of security systems using that model could become increasingly complicated. It is necessary to come up with an approach to guide the development, reuse...
View Article
