Bibliographic details
Year of defense: 2013
Main author: Jefferson de Oliveira Silva
Advisor: Not provided by the institution
Examining committee: Not provided by the institution
Document type: Dissertation
Access type: Open access
Language: eng
Institution of defense: Instituto Tecnológico de Aeronáutica
Graduate program: Not provided by the institution
Department: Not provided by the institution
Country: Not provided by the institution
Keywords in Portuguese:
Access link: http://www.bd.bibl.ita.br/tde_busca/arquivo.php?codArquivo=2840
Abstract:
Authorization in its most basic form can be reduced to a simple question: "may a subject X access a resource Y?" A subject is a process, which is the representative of a user or an active external agent in a system. A resource is anything worth protecting, such as files or services. The attempt to implement an adequate response to the authorization question has produced many access control models and mechanisms. The development of authorization mechanisms usually employs frameworks, as a way of reusing larger portions of software. The present authorization context has demanded applications able to handle security policies of multiple access control models. Industry has resolved this problem in a pragmatic way, by mingling business and authorization concerns in the code. This dissertation proposes an extensible and decoupled architectural model, which allows the separation of authorization from business concerns. The Esfinge Guardian framework is proposed, instantiated based on the architectural model and made available as an open source tool. An application is created as an experiment, in which some authorization scenarios have been implemented and the achieved modularity is evaluated. Additionally, a comparative analysis among academic and industry frameworks is carried out. As a result, software developers using Esfinge Guardian should be able to write code respecting the software engineering principle of separation of concerns.