Using JDOSecure to Introduce Role-Based Permissions to Java Data Objects-Based Applications

  • Matthias Merz
  • Markus Aleksy
Conference paper

DOI: 10.1007/11827405_44

Part of the Lecture Notes in Computer Science book series (LNCS, volume 4080)
Cite this paper as:
Merz M., Aleksy M. (2006) Using JDOSecure to Introduce Role-Based Permissions to Java Data Objects-Based Applications. In: Bressan S., Küng J., Wagner R. (eds) Database and Expert Systems Applications. DEXA 2006. Lecture Notes in Computer Science, vol 4080. Springer, Berlin, Heidelberg

Abstract

The Java Data Objects specification is designed as lightweight persistence approach. Thus, JDO neither supports user authentication nor role-based authorization. Consequently, users are able to query the entire data store as well as to delete persistent objects without any restriction. The novel security approach JDOSecure was developed at the University of Mannheim to prevent unauthorized access to the data store while using the JDO API. Based on the dynamic proxy approach, JDOSecure introduces role-based permissions to JDO-based applications. In this paper we focuses on how JDOSecure enables Java Data Objects-based applications to deal with role-based permissions.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Matthias Merz
    • 1
  • Markus Aleksy
    • 1
  1. 1.Department of Information Systems IIIUniversity of MannheimMannheimGermany

Personalised recommendations