Richard Wilson, Student, Department of Computer Science and Software Engineering, University of Melbourne, Melbourne, 3010. Email: rewilson@students.cs.mu.oz.au
Daniel Lowes, Student, Department of Computer Science, University of Pretoria, South Africa. Email: bejorgen@tuks.co.za
Security, restriction, Web, permissions
The complexity of web applications is increasing continually. With that complexity comes a corresponding rise in the need for fast yet powerful programmatic security. This security needs to offer services that allow the application to implement custom access and authentication control schemes: specifically, restricting users from individual system operations and from individual system entities (files, database records, and so on). We discuss the abstract entities chosen to represent Permissions in a database-driven environment, and then show how these entities can be used to implement fast and flexible security routines that can be applied to a wide range of web environments. We describe the algorithms used for dynamic and static checks, and finally present an extension to the basic system that improves functionality without additional overhead.