政大機構典藏-National Chengchi University Institutional Repository(NCCUR):Item 140.119/29698

English | 正體中文 | 简体中文 | Post-Print筆數 : 27 | Items with full text/Total items : 111200/142120 (78%)
Visitors : 48112910 Online Users : 1052

RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.

Scope

please add "double quotation mark" for query phrases to get precise results

please goto advance search for comprehansive author search

Adv. Search

Home ‧ Login ‧ Upload ‧ Help ‧ About ‧ Administer

Goto mobile version

政大機構典藏 > 資訊學院 > 資訊科學系 > 學位論文 > Item 140.119/29698

Please use this identifier to cite or link to this item: https://nccur.lib.nccu.edu.tw/handle/140.119/29698

Title:	應用動態剖面導向技術實現用戶之間的委任權限管理 Using Dynamic Aspects to Implement User-to-User Delegation
Authors:	黃啟峰
Contributors:	陳恭 Chen, Kung 黃啟峰
Keywords:	剖面導向動態剖面存取控管委任 Aspect Oriented Programming Dynamic Aspect Access Control Delegation
Date:	2006
Issue Date:	2009-09-11 16:04:51 (UTC+8)
Abstract:	對大部分的應用系統來說，在實施系統功能存取控管的同時，若沒有搭配適當的委任或委派權限的機制，將會大大影響系統用戶對存取控管限制的接受度，故本論文針對如何實現用戶間的權限委派進行探討。我們選擇以剖面導向技術開發的存取控管框架為標的，設計出一套模組化的權限委派機制，可以在不改變既有的存取控管剖面的情況下，進行用戶間的權限委派。我們採用動態剖面的技術，並結合個體層次的剖面功能，發展出可以在使用應用系統的交談期間，由用戶動態進行權限委派的啟動與關閉。此一操作方式不僅方便系統管理者進行存取控管與權限委派的設定，也讓用戶在使用上享有相當程度的彈性。我們以AspectWerkz的剖面框架為實驗平台，製作一個用戶間權限委派的展示系統。 For many systems, access control without proper support for delegation is simply impractical. While access control has gained a considerable attention in the aspect-oriented community recently, delegation has not been properly addressed yet using aspects. This paper presents a simple yet novel approach to implementing delegation using dynamic aspects. This thesis shows that a proper combination of instance-level aspects and dynamic deployment can be used to enhance an aspect-based access control system with dynamic and fine-grained delegation effectively in a highly modular manner. We developed a prototype implementation using the per instance interception mechanism of AspectWerkz to illustrate our approach.
Reference:	[1] Mark. Curphey, et al., A Guide to Building Secure Web Applications, The Open Web Application Security Project, Version 1.1, 2002. [2] I. Ray, R. France, N. Li, and G.. Georg, “An aspect-based approach to modeling access control concern, ”Information and Software Technology, July 2004,pp.557-587. [3] G.. Zhang, H. Baumeister, N. Koch, and A. Knapp, “Aspect-Oriented Modeling of Access Control in Web Applications,”6th International Workshop on Aspect-Oriented Modeling, Mar. 2005; http://dawis.informatik.uni-essen.de/events/AOM_AOSD2005/papers.shtml [4] B. De Win, B. Vanhaute, and B. De Decker, “Security Through Aspect-Oriented Programming,” Advances in Network and Distributed Systems Security, Kluwer Academic, 2001, pp.125-138. [5] G.. George, I. Ray, and R. France, “Using Aspects to Design a Secure System,” Proc. the 8th IEEE Int’l Conf. on Engineering of Complex Computer Systems. IEEE CS Press, Dec.2002. [6] K. Chen and C.M. Huang, ”A practical Aspect Framework for Enforcing Fine-Grained Access Control in Web Applications,”Proc. of First Information Security Practice and Experience Conference(ISPEC 2005), LNCS 3439, Springer-Verlag, 2005,pp.156-167. [7] L. Zhang, G.. Ahn, and B. Chu, “A Rule-Based Framework for Role-Based Delegation and Revocation,” ACM Transactions on Information and System Security, Aug. 2003,pp.404-441. [8] H. Rajan and K. Sullivan, “Eis:Instance-Level Aspects for Integrated System Design”, Proc. of the 2003 Joint European Software Engineering Conference and ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE 2003),Sept. 2003. [9] JBoss AOP project; http://www.jboss.org/products/aop [10]. AspectWerkz project; http://aspectwerkz.codehaus.org [11] R. Sandhu, E. Coyne, H. Feinstein, and c. Youman, “Role-based access control model,” IEEE Computer, Feb.1996,pp.38-47. [12] K. Chen and C.M. Huang, “On Designing Access Control Aspect for Web Applications”, Workshop on Software-engineering Properties of Languages and Aspect Technologies(SPLAT 05), Mar.2005; http://www.daimi.au.dk/~eernst/splat05/. [13] S. Hanenberg and A. Schmidmeier, “Idioms for Building Software Frameworks in AspectJ,”2nd AOSD Workshop on Aspects, Components, and Patterns for Infrastructure Software(ACP4IS), Mar. 2003; http://www.cs.ubc.ca/~ycoady/acp4is03/. [14]. X. Zhang, S. Oh, and R. Sandhu, “PBDM:A Flexible Delegation Model in RBAC,” Proc. 8th Symposium on Access Control Models and Technologies, 2003,pp.149-157. [15] The Apache Struts Web Application Framework:http://struts.apache.org/
Description:	碩士國立政治大學資訊科學學系 92753016 95
Source URI:	http://thesis.lib.nccu.edu.tw/record/#G0927530161
Data Type:	thesis
Appears in Collections:	[資訊科學系] 學位論文

Files in This Item:

File	Size	Format
index.html	0Kb	HTML2	345	View/Open

All items in 政大典藏 are protected by copyright, with all rights reserved.

社群 sharing

著作權政策宣告 Copyright Announcement

1.本網站之數位內容為國立政治大學所收錄之機構典藏，無償提供學術研究與公眾教育等公益性使用，惟仍請適度，合理使用本網站之內容，以尊重著作權人之權益。商業上之利用，則請先取得著作權人之授權。
The digital content of this website is part of National Chengchi University Institutional Repository. It provides free access to academic research and public education for non-commercial use. Please utilize it in a proper and reasonable manner and respect the rights of copyright owners. For commercial use, please obtain authorization from the copyright owner in advance.

2.本網站之製作，已盡力防止侵害著作權人之權益，如仍發現本網站之數位內容有侵害著作權人權益情事者，請權利人通知本網站維護人員(nccur@nccu.edu.tw)，維護人員將立即採取移除該數位著作等補救措施。
NCCU Institutional Repository is made to protect the interests of copyright owners. If you believe that any material on the website infringes copyright, please contact our staff(nccur@nccu.edu.tw). We will remove the work from the repository and investigate your claim.

DSpace Software Copyright © 2002-2004 MIT & Hewlett-Packard / Enhanced by NTU Library IR team Copyright © - Feedback