Home // SECURWARE 2012 , The Sixth International Conference on Emerging Security Information, Systems and Technologies // View article
Authors:
Aleksander Dikanski
Roland Steinegger
Sebastian Abeck
Keywords: security patterns; security framework; security engineering; authorization; authentication
Abstract:
In the development of secure applications, patterns are useful in the design of security functionality. Mature security products or frameworks are usually employed to implement such functionality. Yet, without a deeper comprehension of these products, the implementation of security patterns is difficult, as a non-guided implementation leads to non-deterministic results. In this paper, the Spring Security framework is analyzed with the goal of identifying supported authentication and authorization patterns. Additionally, a best practice guide on implementing the identified patterns using the framework is presented. A real world case study is presented, in which the findings are employed to implement security requirements in a web application. With this approach it is possible to overcome the gap between pattern-based security design and implementation to implement high quality security functionality in software systems.
Pages: 14 to 20
Copyright: Copyright (c) IARIA, 2012
Publication date: August 19, 2012
Published in: conference
ISSN: 2162-2116
ISBN: 978-1-61208-209-7
Location: Rome, Italy
Dates: from August 19, 2012 to August 24, 2012