政大機構典藏-National Chengchi University Institutional Repository(NCCUR):Item 140.119/29698
English  |  正體中文  |  简体中文  |  Post-Print筆數 : 27 |  全文筆數/總筆數 : 114393/145446 (79%)
造訪人次 : 53034922      線上人數 : 303
RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.
搜尋範圍 查詢小技巧:
  • 您可在西文檢索詞彙前後加上"雙引號",以獲取較精準的檢索結果
  • 若欲以作者姓名搜尋,建議至進階搜尋限定作者欄位,可獲得較完整資料
    •  進階搜尋
    政大機構典藏 > 資訊學院 > 資訊科學系 > 學位論文 >  Item 140.119/29698


    請使用永久網址來引用或連結此文件: https://nccur.lib.nccu.edu.tw/handle/140.119/29698


    題名: 應用動態剖面導向技術實現用戶之間的委任權限管理
    Using Dynamic Aspects to Implement User-to-User Delegation
    作者: 黃啟峰
    貢獻者: 陳恭
    Chen, Kung
    黃啟峰
    關鍵詞: 剖面導向
    動態剖面
    存取控管
    委任
    Aspect Oriented Programming
    Dynamic Aspect
    Access Control
    Delegation
    日期: 2006
    上傳時間: 2009-09-11 16:04:51 (UTC+8)
    摘要: 對大部分的應用系統來說,在實施系統功能存取控管的同時,若沒有搭配適當的委任或委派權限的機制,將會大大影響系統用戶對存取控管限制的接受度,故本論文針對如何實現用戶間的權限委派進行探討。我們選擇以剖面導向技術開發的存取控管框架為標的,設計出一套模組化的權限委派機制,可以在不改變既有的存取控管剖面的情況下,進行用戶間的權限委派。我們採用動態剖面的技術,並結合個體層次的剖面功能,發展出可以在使用應用系統的交談期間,由用戶動態進行權限委派的啟動與關閉。此一操作方式不僅方便系統管理者進行存取控管與權限委派的設定,也讓用戶在使用上享有相當程度的彈性。我們以AspectWerkz的剖面框架為實驗平台,製作一個用戶間權限委派的展示系統。
    For many systems, access control without proper support for delegation is simply impractical. While access control has gained a considerable attention in the aspect-oriented community recently, delegation has not been properly addressed yet using aspects. This paper presents a simple yet novel approach to implementing delegation using dynamic aspects. This thesis shows that a proper combination of instance-level aspects and dynamic deployment can be used to enhance an aspect-based access control system with dynamic and fine-grained delegation effectively in a highly modular manner. We developed a prototype implementation using the per instance interception mechanism of AspectWerkz to illustrate our approach.
    參考文獻: [1] Mark. Curphey, et al., A Guide to Building Secure Web Applications, The Open Web Application Security Project, Version 1.1, 2002.
    [2] I. Ray, R. France, N. Li, and G.. Georg, “An aspect-based approach to modeling access control concern, ”Information and Software Technology, July 2004,pp.557-587.
    [3] G.. Zhang, H. Baumeister, N. Koch, and A. Knapp, “Aspect-Oriented Modeling of Access Control in Web Applications,”6th International Workshop on Aspect-Oriented Modeling, Mar. 2005; http://dawis.informatik.uni-essen.de/events/AOM_AOSD2005/papers.shtml
    [4] B. De Win, B. Vanhaute, and B. De Decker, “Security Through Aspect-Oriented Programming,” Advances in Network and Distributed Systems Security, Kluwer Academic, 2001, pp.125-138.
    [5] G.. George, I. Ray, and R. France, “Using Aspects to Design a Secure System,” Proc. the 8th IEEE Int’l Conf. on Engineering of Complex Computer Systems. IEEE CS Press, Dec.2002.
    [6] K. Chen and C.M. Huang, ”A practical Aspect Framework for Enforcing Fine-Grained Access Control in Web Applications,”Proc. of First Information Security Practice and Experience Conference(ISPEC 2005), LNCS 3439, Springer-Verlag, 2005,pp.156-167.
    [7] L. Zhang, G.. Ahn, and B. Chu, “A Rule-Based Framework for Role-Based Delegation and Revocation,” ACM Transactions on Information and System Security, Aug. 2003,pp.404-441.
    [8] H. Rajan and K. Sullivan, “Eis:Instance-Level Aspects for Integrated System Design”, Proc. of the 2003 Joint European Software Engineering Conference and ACM SIGSOFT Symposium on the Foundations of Software Engineering (ESEC/FSE 2003),Sept. 2003.
    [9] JBoss AOP project; http://www.jboss.org/products/aop
    [10]. AspectWerkz project; http://aspectwerkz.codehaus.org
    [11] R. Sandhu, E. Coyne, H. Feinstein, and c. Youman, “Role-based access control model,” IEEE Computer, Feb.1996,pp.38-47.
    [12] K. Chen and C.M. Huang, “On Designing Access Control Aspect for Web Applications”, Workshop on Software-engineering Properties of Languages and Aspect Technologies(SPLAT 05), Mar.2005; http://www.daimi.au.dk/~eernst/splat05/.
    [13] S. Hanenberg and A. Schmidmeier, “Idioms for Building Software Frameworks in AspectJ,”2nd AOSD Workshop on Aspects, Components, and Patterns for Infrastructure Software(ACP4IS), Mar. 2003; http://www.cs.ubc.ca/~ycoady/acp4is03/.
    [14]. X. Zhang, S. Oh, and R. Sandhu, “PBDM:A Flexible Delegation Model in RBAC,” Proc. 8th Symposium on Access Control Models and Technologies, 2003,pp.149-157.
    [15] The Apache Struts Web Application Framework:http://struts.apache.org/
    描述: 碩士
    國立政治大學
    資訊科學學系
    92753016
    95
    資料來源: http://thesis.lib.nccu.edu.tw/record/#G0927530161
    資料類型: thesis
    顯示於類別:[資訊科學系] 學位論文

    文件中的檔案:

    檔案 大小格式瀏覽次數
    index.html0KbHTML2423檢視/開啟


    在政大典藏中所有的資料項目都受到原著作權保護.


    社群 sharing

    著作權政策宣告 Copyright Announcement
    1.本網站之數位內容為國立政治大學所收錄之機構典藏,無償提供學術研究與公眾教育等公益性使用,惟仍請適度,合理使用本網站之內容,以尊重著作權人之權益。商業上之利用,則請先取得著作權人之授權。
    The digital content of this website is part of National Chengchi University Institutional Repository. It provides free access to academic research and public education for non-commercial use. Please utilize it in a proper and reasonable manner and respect the rights of copyright owners. For commercial use, please obtain authorization from the copyright owner in advance.

    2.本網站之製作,已盡力防止侵害著作權人之權益,如仍發現本網站之數位內容有侵害著作權人權益情事者,請權利人通知本網站維護人員(nccur@nccu.edu.tw),維護人員將立即採取移除該數位著作等補救措施。
    NCCU Institutional Repository is made to protect the interests of copyright owners. If you believe that any material on the website infringes copyright, please contact our staff(nccur@nccu.edu.tw). We will remove the work from the repository and investigate your claim.
    DSpace Software Copyright © 2002-2004  MIT &  Hewlett-Packard  /   Enhanced by   NTU Library IR team Copyright ©   - 回饋