Crosscutting software artifacts for access control

Date
2013
Authors
Robinson, Mark
Abstract

Today's techniques for software artifact access control bear an increased maintenance cost due to their coarse granularity and limited expressive power. As a result, the implemented access control policies can be incorrect or incomplete, creating security vulnerabilities. Furthermore, the additional maintenance of access-restricted artifacts may negatively influence developers' decisions for collaboration opportunities. This thesis proposes a crosscutting concern-based approach to a software artifact access control model that can reliably enforce access control, reduce maintenance, and increase the types of policies that can be expressed. We implemented our approach as a front-end integrated development environment, SaJE, and a back-end access control monitor, GitBAC. We evaluated our implementation in two laboratory studies and a human subject experiment, measuring reliability, maintenance, and usability. The results from our evaluation indicate that crosscutting concerns are an effective means of implementing software artifact access control, offering improvements over conventional techniques.

Description
This item is available only to currently enrolled UTSA students, faculty or staff.
Keywords
access control, crosscutting concerns, development tools, software artifacts, software engineering, version control
Department
Computer Science