A Service-Based Approach for RBAC and MAC Security
Charles E. Phillips Jr. (United States Military Academy, West Point, USA), Steven A. Demurjian (University of Connecticut, USA), Thuong Doan (University of Connecticut, USA) and Keith Bessette (University of Connecticut, USA)
Copyright: © 2008
Middleware security encompasses a wide range of potential considerations, ranging from the ability to utilize the security capabilities of middleware solutions (for example, CORBA, .NET, J2EE, DCE, and so forth) directly out-of-the-box in support of a distributed application to leveraging the middleware itself (paradigm) to realize complex and intricate security solutions (for example, discretionary access control, role-based access control, mandatory access control, and so forth). The objective in this chapter is to address the latter consideration: examining the attainment of advanced security capabilities using the middleware paradigm, namely, role-based access control (RBAC) and mandatory access control (MAC). The resulting security provides a robust collection of services that is versatile and flexible and easily integrates into a distributed application comprised of interacting legacy, COTS, GOTS, databases, servers, clients, and so forth.