Publication detail

A novel system of access control for server applications in web environments

CVRK, L. VRBA, V.

Original Title

A novel system of access control for server applications in web environments

English Title

A novel system of access control for server applications in web environments

Type

journal article - other

Language

en

Original Abstract

The number of the server applications in the world is rapidly increasing. Many of them need to handle user access. A typical approach is to implement access control logic directly into an object which is responsible for storing and retrieving the data and performing required operations over the data. The object checks access to appropriate methods and permits or denies required operation. But the systems are usually constructed from many such objects which require similar access control system. This leads to a greater overhead because access control checking must be coded inside all those objects. More code brings more bugs into the system moreover if a programmer simply forgets to verify some of required rights in the code then the system may encounter a forbidden data access. This article deals with that problem area and designs a unified database layer operating over relation database management systems. Key benefits it brings are strong simplification of the access control system from the point of view of the application code and impossibility to access data without permissions.

English abstract

The number of the server applications in the world is rapidly increasing. Many of them need to handle user access. A typical approach is to implement access control logic directly into an object which is responsible for storing and retrieving the data and performing required operations over the data. The object checks access to appropriate methods and permits or denies required operation. But the systems are usually constructed from many such objects which require similar access control system. This leads to a greater overhead because access control checking must be coded inside all those objects. More code brings more bugs into the system moreover if a programmer simply forgets to verify some of required rights in the code then the system may encounter a forbidden data access. This article deals with that problem area and designs a unified database layer operating over relation database management systems. Key benefits it brings are strong simplification of the access control system from the point of view of the application code and impossibility to access data without permissions.

Keywords

access control, relation database, sql

RIV year

2006

Released

30.12.2006

Publisher

Global Engineering, Science and Technology Society

Pages from

186

Pages to

198

Pages count

13

BibTex


@article{BUT44189,
  author="Lubomír {Cvrk} and Vít {Vrba}",
  title="A novel system of access control for server applications in web environments",
  annote="The number of the server applications in the world is rapidly increasing. Many of them need to handle user access. A typical approach is to implement access control logic directly into an object which is responsible for storing and retrieving the data and performing required operations over the data. The object checks access to appropriate methods and permits or denies required operation. But the systems are usually constructed from many such objects which require similar access control system. This leads to a greater overhead because access control checking must be coded inside all those objects. More code brings more bugs into the system moreover if a programmer simply forgets to verify some of required rights in the code then the system may encounter a forbidden data access. This article deals with that problem area and designs a unified database layer operating over relation database management systems. Key benefits it brings are strong simplification of the access control system from the point of view of the application code and impossibility to access data without permissions.",
  address="Global Engineering, Science and Technology Society",
  chapter="44189",
  institution="Global Engineering, Science and Technology Society",
  journal="International Transaction on Computer Science and Engineering",
  number="35",
  volume="2006",
  year="2006",
  month="december",
  pages="186",
  publisher="Global Engineering, Science and Technology Society",
  type="journal article - other"
}