政大機構典藏-National Chengchi University Institutional Repository(NCCUR):Item 140.119/32725

政大機構典藏-National Chengchi University Institutional Repository(NCCUR):Item 140.119/32725

English | 正體中文 | 简体中文 | Post-Print筆數 : 27 | 全文笔数/总笔数 : 114404/145434 (79%)
造访人次 : 53211119 在线人数 : 655

RC Version 6.0 © Powered By DSPACE, MIT. Enhanced by NTU Library IR team.

搜寻范围

查询小技巧：

您可在西文检索词汇前后加上"双引号"，以获取较精准的检索结果

若欲以作者姓名搜寻，建议至进阶搜寻限定作者字段，可获得较完整数据

进阶搜寻

主页 ‧ 登入 ‧ 上传 ‧ 说明 ‧ 关于政大典藏 ‧ 管理

到手机版

政大機構典藏 > 資訊學院 > 資訊科學系 > 學位論文 > Item 140.119/32725

请使用永久网址来引用或连结此文件: https://nccur.lib.nccu.edu.tw/handle/140.119/32725

题名:	建構可重用與細緻化的剖面導向存取控管框架 Building a Reusable and Fine-grained Aspect-Oriented Access Control Framework
作者:	黃植懋 Huang , Chih-Mao
贡献者:	陳恭 Chen , Kung 黃植懋 Huang , Chih-Mao
关键词:	存取控管剖面導向程式設計框架網頁應用程式 Access Control Aspect-Oriented Programming Framework Web Applications
日期:	2004
上传时间:	2009-09-17 14:08:32 (UTC+8)
摘要:	隨著網路應用的發達與普及，應用系統的安全防護非常重要，但是要將安全方防護方面的設計與製作做好，卻不容易。因為與安全相關的程式碼必須嵌入到應用系統的各個模組中去執行，具有橫跨（cross-cutting）的特性。在設計時，若不加以區分，仍然以一般的物件或是函式模組來將其模組化的話，往往造成系統中反覆出現類似的程式碼以及不同需求的程式碼夾雜不清的現象，當系統愈趨複雜時，這些問題就愈顯嚴重，結果導致系統不易維護且錯誤頻仍。最近興起的剖面導向程式設計（Aspect-Oriented Programming）基於關注分離的原則（Separation of Concerns），針對像安全這類橫跨性的需求，倡議在原有的物件或函式模組外，另以剖面（aspect）作為這些橫跨性需求的模組單位，以大幅改善應用系統的模組性。近兩三年來，這方面的發展迅速，各種支援方面導向的程式語言與相關工具相繼推出，美國全錄公司柏拉圖實驗室發展的AspectJ語言就是一個具代表性的成果。本論文以剖面導向的原則，以AspectJ及JBossAOP為主要工具，針對Web應用程式在認證與存取控管方面的安全需求，設計與製作一套具重用性且可處理資料內容相關、細緻層級的存取控管框架。 Access control is a system-wide concern that has both a generic nature and an application dependent characteristic. It is generic as many functions must be protected with restricted access, yet the rule to grant a request is highly dependent on the application state. Hence it is common to see the code for implementing access control scattered over the system and tangled with the functional code, making the system difficult to maintain. This thesis addresses this issue for Web applications by presenting a practical access control framework based on aspect-oriented programming (AOP). Our approach accommodates a wide range of access control requirements of different granularity. AOP supports the modular implementation of access control while still enables the code to get a hold of the application state. Moreover, framework technology offers a balanced view between reuse and customization. As a result, our framework is able to enforce fine-grained access control for Web applications in a highly adaptable manner.
參考文獻:	【1】ACM, Proceedings of the 1st International Conference on Aspect-Oriented Software Development, 2001, ACM Press. 【2】ACM, Proceedings of the 2nd International Conference on Aspect-Oriented Software Development, 2002, ACM Press. 【3】ACM, Proceedings of the 3rd International Conference on Aspect-Oriented Software Development, 2003, ACM Press. 【4】ACM, Proceedings of the 4th International Conference on Aspect-Oriented Software Development, 2004, ACM Press. 【5】ACM, Proceedings of the 5th International Conference on Aspect-Oriented Software Development, 2005, ACM Press. 【6】AOSD Tools Practitioners: http://www.aosd.net/technology/practitioners.php 【7】Apache Struts Web Application Framework: http://struts.apache.org/ 【8】AspectJ website: http://www.eclipse.org/aspectj/ 【9】AspectWerkz website: http://aspectwerkz.codehaus.org/index.html 【10】R. Anderson, Security Engineering: A Guide to Build Dependable Distributed Systems, John Wiley & Sons, 2001. 【11】K. Beznosov, Y. Deng, Engineering Access Control in Distributed Applications, PhD thesis, Florida International University, Miami, FL, 2000. 【12】A. Clement, A. Colyer and M. Kersten, Aspect-Oriented Programming with AJDT, Workshop on Analysis of Aspect-Oriented Software, ECOOP 2003. 【13】M. Curphey, et al., A Guide to Building Secure Web Applications, The Open Web Application Security Project, Version 1.1, 2002. http://www.cgisecurity.com/owasp/html/ 【14】B. De Win and B. De Decker, Building Frameworks in AspectJ, ECOOP 2001, Workshop on Advanced Separation of Concerns, pp.1-6. 【15】B. De Win, W. Joosen and F. Piessens, AOSD & Security:a practical assessment, Workshop on Software engineering Properties of Languages for Aspect Technologies (SPLAT03), 2003, pp. 1-6 【16】B. De Win, F. Piessens, W. Joosen and T. Verhanneman, On the importance of the separation-of-concerns principle in secure software engineering, Workshop on the Application of Engineering Principles to System Security Design, 2002. 【17】B. De Win, B. Vanhaute and B. De Decker, How Aspect oriented programming can help to build secure software, Informatica vol.26(2), 2002, pp. 141-149. 【18】B. De Win, B. Vanhaute, B. and De Decker, Security Through Aspect-Oriented Programming, Advances in Network and Distributed Systems Security, Kluwer Academic, pp. 125-138, 2001. 【19】M. Fayad and D. Schmidt, Object-Oriented Application Frameworks, Communications of the ACM. Vol. 40. No. 10, October 1997, pp. 32-38. 【20】E. Gamma, R. Helm, R. Johnson, J. Vlissides: Design Patterns. A.W. L., 1995. ISBN 0-201-63361-2. 【21】L. Giuri, and P. Iglio, Role Templates for Content-Based Access Control, Proceedings, 2nd ACM Workshop on Role-Based Access Control, Fairfax, VA (October 28–29, 1997), pp. 153-59. 【22】R. Goodwin, S. F. Goh and F. Y. Wu, Instance-level access control for business-to-business electronic commerce, IBM System Journal, vol. 41, no. 2, 2002. 【23】S. Hanenberg and A. Schmidmeier, Idioms for Building Software Frameworks in AspectJ, 2nd AOSD Workshop on Aspects, Components, and Patterns for Infrastructure Software (ACP4IS), Boston, MA, March 17, 2003 【24】S. Hanenberg and R. Unland, Using and Reusing Aspects in AspectJ, Workshop on Advanced Separation of Concerns in Object-Oriented Systems, OOPSLA, Oct. 2001 【25】W. Hürsch and C. Videira Lopes, Separation of Concerns, Technical Report, no. NU-CCS-95-03, 1995. 【26】JBoss AOP website: http://www.jboss.org/products/aop, Document download site: http://docs.jboss.org/aop/Aspectframework/ 【27】G. Kiczales, E. Hilsdale, J. Hugunin, M. Kersten, J. Palm and W. Griswold, Getting Started with AspectJ, Communications of the ACM, vol. 44, no. 10, pp 59-65, October 2001. 【28】G. Kiczales, J. Lamping, A. Menhdhekar , C. Maeda , C. Lopes, J.-M. Loingtier and J. Irwin, , Aspect-oriented programming, in ECOOP `97 Object-Oriented Programming 11th European Conference," Finland (M. Aksit and S. Matsuoka, eds.), vol. 1241, pp. 220-242, New York, NY: Springer-Verlag, 1997. 【29】C. K. Georgiadis, I. Mavridis, G. Pangalos, and R. K. Thomas, Flexible Team-based Access Control Using Contexts, Sixth ACM Symposium on Access Control Models and Technologies (SACMAT 2001), Chantilly, VA, USA, May 2001. 【30】S. K. Tzelepi1, D. K. Koukopoulos, and G. Pangalos, A flexible Content and Contextbased Access Control Model for Multimedia Medical Image Database Systems. ACM SIGMM Electronic Proceedings, 2001. 【31】C. Lai, L. Gong, L. Koved, A. Nadalin and R. Schemers, User Authentication And Authorization In The Java Platform, Proceedings of Annual Computer Security Applications Conference, Phoenix, Arizona, USA, 1999, pp. 285-290. http://developer.java.sun.com/developer/technicalArticles/Security/jaasv2/ 【32】I. Nagy, L. Bergmans, M. Aksit, Declarative Aspect Composition, Workshop on Software engineering Properties of Languages for Aspect Technologies (SPLAT04), 2004 【33】Open Web Application Security Project: The Top Ten Most Critical Web Application Security Vulnerabilities. http://www.owasp.org/documentation/topten 【34】H. Ossher and P. Tarr, Using multidimensional separation of concerns to （re）shape evolving software, Communications of the ACM, vol. 44, no. 10, pp 43-50, October 2001. 【35】PROSE website: http://prose.ethz.ch/Wiki.jsp?page=Prose 【36】R. Sandhu, E. Coyne, H. Feinstein, and C. Youman, Role-Based Access Control Models, IEEE Computer, 29(2):38–47, 1996. 【37】D. S. Goldberg, R. B. Findler, M. Flatt, Super and Inner — Together at Last!, OOPSLA 2004, October 2004 【38】T. Verhanneman, L. Jaco, B. De Win, F. Piessens and W. Joosen, Adaptable Access Control Policies for Medical Information Systems, Proc. of Distributed Applications and Interoperable Systems, 2003, Paris, France, LNCS 2893, pp.133-140 【39】E. Wohlstadter, A. Keen, S. Jackson and P. Devanbu, Accommodating Evolution in AspectJ, Workshop on Advanced Separation of Concerns in Object-Oriented Systems, OOPSLA 2001, October 2001 【40】林經緯, 陳恭, 運用剖面導向技術研製網路應用程式之可設定式細緻化存取控管, 第十五屆資訊安全會議（ISC2005）,June 2005
描述:	碩士國立政治大學資訊科學學系 92753024 93
資料來源:	http://thesis.lib.nccu.edu.tw/record/#G0927530241
数据类型:	thesis
显示于类别:	[資訊科學系] 學位論文

文件中的档案:

档案	描述	大小	格式	浏览次数
53024101.pdf		77Kb	Adobe PDF2	847	检视/开启
53024102.pdf		108Kb	Adobe PDF2	784	检视/开启
53024103.pdf		103Kb	Adobe PDF2	851	检视/开启
53024104.pdf		105Kb	Adobe PDF2	790	检视/开启
53024105.pdf		148Kb	Adobe PDF2	922	检视/开启
53024106.pdf		329Kb	Adobe PDF2	1174	检视/开启
53024107.pdf		164Kb	Adobe PDF2	1079	检视/开启
53024108.pdf		210Kb	Adobe PDF2	1048	检视/开启
53024109.pdf		186Kb	Adobe PDF2	1056	检视/开启
53024110.pdf		106Kb	Adobe PDF2	734	检视/开启
53024111.pdf		100Kb	Adobe PDF2	801	检视/开启
53024112.pdf		110Kb	Adobe PDF2	808	检视/开启

在政大典藏中所有的数据项都受到原著作权保护.

社群 sharing

著作權政策宣告 Copyright Announcement

1.本網站之數位內容為國立政治大學所收錄之機構典藏，無償提供學術研究與公眾教育等公益性使用，惟仍請適度，合理使用本網站之內容，以尊重著作權人之權益。商業上之利用，則請先取得著作權人之授權。
The digital content of this website is part of National Chengchi University Institutional Repository. It provides free access to academic research and public education for non-commercial use. Please utilize it in a proper and reasonable manner and respect the rights of copyright owners. For commercial use, please obtain authorization from the copyright owner in advance.

2.本網站之製作，已盡力防止侵害著作權人之權益，如仍發現本網站之數位內容有侵害著作權人權益情事者，請權利人通知本網站維護人員(nccur@nccu.edu.tw)，維護人員將立即採取移除該數位著作等補救措施。
NCCU Institutional Repository is made to protect the interests of copyright owners. If you believe that any material on the website infringes copyright, please contact our staff(nccur@nccu.edu.tw). We will remove the work from the repository and investigate your claim.

DSpace Software Copyright © 2002-2004 MIT & Hewlett-Packard / Enhanced by NTU Library IR team Copyright © - 回馈