Abstract :
[en] In this paper, we present a policy-based approach for au-
tomating the integration of security mechanisms into Java-based business
applications. In particular, we introduce an expressive Domain Specific
modeling Language (Dsl), called Security@Runtime, for the specification
of security configurations of targeted systems. The Security@Runtime
Dsl supports the expression of authorization, obligation and reaction
policies, covering many of the security requirements of modern applica-
tions. Security requirements specified in security configurations are en-
forced using an application-independent Policy Enforcement Point (Pep)-
Policy Decision Point (Pdp) architecture, which enables the runtime up-
date of security requirements. Our work is evaluated using two systems
and its advantages and limitations are discussed
Scopus citations®
without self-citations
7