Networked Computing and Advanced Information Management, International Conference on (2009)
Aug. 25, 2009 to Aug. 27, 2009
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/NCM.2009.273
Middleware security is usually regarded as a wrapper of underlying security mechanisms rather than a infrastructure for enforcement and management of accuss control policies. We argue that there is a need for more generalized security mechanisms at middleware layer to enforce multiple access control policies. We introduce Starch, a novel policy-oriented security architecture at middleware layer, which is distain-gushed from existing middleware security infrastructure-tares mainly in three aspects: (1) Starch can be used to enforce access control policies with finer granularity and different kinds of constraints. (2) Starch provides a more general policy management infrastructure to keep the privacy, consistency and availability of accuss control policies. (3) Starch provides means to clearly separate authorization logic from applications, which will be enforced at middleware layer. Starch is built upon a CORBA middleware and supports mull-tipple access control policies while preserving the mid-dewier designing characteristics.
Middleware, Security, Access Control, Policy
Gang Yin, Huaimin Wang, Pinbo Sui, Dianxi Shi, "Towards General Access Control Management for Middleware Security", Networked Computing and Advanced Information Management, International Conference on, vol. 00, no. , pp. 444-448, 2009, doi:10.1109/NCM.2009.273