Detalhes bibliográficos
| Ano de defesa: |
2009 |
| Autor(a) principal: |
Oliveira, Cleverson Sacramento de
 |
| Orientador(a): |
Santanchè, André
|
| Banca de defesa: |
Monteiro, José Augusto Suruagy
,
Duarte, Angelo Amâncio |
| Tipo de documento: |
Dissertação
|
| Tipo de acesso: |
Acesso aberto |
| Idioma: |
por |
| Instituição de defesa: |
Universidade Salvador
|
| Programa de Pós-Graduação: |
Programa de Pós-Graduação em Sistemas e Computação
|
| Departamento: |
Sistemas e Computação
|
| País: |
BR
|
| Palavras-chave em Português: |
|
| Palavras-chave em Inglês: |
|
| Área do conhecimento CNPq: |
|
| Link de acesso: |
http://teste.tede.unifacs.br:8080/tede/handle/tede/264
|
Resumo: |
Redundant access control to applications is an important issue for enterprises nowadays. Each deployed system inside an organization has its own access control to grant right access for information. The negative effects of this scenario is perceived by the end users, dealing with too many passwords, and by the organization that needs to ensure control processes and auditing, increasing the operational costs. Appropriate application architecture, specialized in authentication and authorization, allows convergence in access control. This work aims to providing a service-oriented solution to support unified access control to applications by users, based on existing concepts and technologies to achieve interoperability in heterogeneous software environments. The RASEA project was conceived as a solution to enforce unified cross-platform access control for enterprise applications, embodying the presented concepts. One of the main contributions, and noteworthy characteristic of RASEA, is its simplicity in project design achieved through more than 30 (thirty) months of researchs and implementations. Another important contribution of this work, and a key differentiation compared to market solutions, is the 'agent' element from the project architecture, allowing extensibility and integration of several technologies and platforms. This work is not intended to be a replacement of existing technologies, but integrates with them. Therefore, a comparison between RASEA and the existing solutions off-the-shelf is provided. To ensure access control and platform independence, the proposed solution uses the concepts of RBAC and SOA. The ideas shown in this work were validated with simulations and tests strategically aligned with the goals of this project. Thus RASEA was able to promote 31% (thirty one percent) savings on application development costs and simplifying the access control administration for corporate systems. |
