Corpus ID: 59817764

An Extensible and Object-Oriented Authorization Model for Business Software Systems

  title={An Extensible and Object-Oriented Authorization Model for Business Software Systems},
  author={Cheoljoo Jeong and Kangho Kim and Youngbae Oh},
It is common in the behavior of business applications to check whether an actor has an authorization to perform some actions on a specific piece of information. Though vast amount of research efforts were devoted to devising such an authorization mechanism, through a logical approach or at the level of systems software [1, 3, 4], there have been few results on establishing an programming model which can be reused in various business domains [5]. In this paper, we present an object-oriented… Expand


Architectural Patterns for Enabling Application Security
This paper contains a collection of patterns to be used when dealing with application security that work together to provide a security framework for building applications. Expand
Synthesizing Object-Oriented and Functional Design to Promote Re-Use
This paper presents a composite design pattern that synthesizes the best of both approaches to extensibility and in the process resolves the tension between the two design strategies. Expand
Authentication in distributed systems: theory and practice
A theory of authentication and a system that implements it, based on the notion of principal and a "speaks for" relation between principals, that explains how to reason about a principal's authority by deducing the other principals it can speak for. Expand
A Calculus for Access Control in Distributed Systems
This work accounts for how a principal may come to believe that another principal is making a request, either on his own or on someone else's behalf, and provides a logical language for access control lists and theories for deciding whether requests should be granted. Expand
A model of authorization for nextgeneration database systems
  • ACM Transactions on Database Systems
  • 1991