Full Text Available
Note: Clicking the button above will open the full text document at the original institutional repository in a new window.
An aspect-oriented approach towards enhancing optimistic access control with usage control
Thesis (PHD)--University of Pretoria, 2010.
Saved in:
| Other Authors: | |
|---|---|
| Format: | Thesis |
| Published: |
University of Pretoria
2013
|
| Subjects: | |
| Tags: |
No Tags, Be the first to tag this record!
|
| _version_ | 1867613555974471680 |
|---|---|
| access_status_str | Open Access |
| author2 | Eloff, Jan H.P. |
| author_browse | Eloff, Jan H.P. |
| author_facet | Eloff, Jan H.P. |
| collection | Thesis |
| dc_rights_str_mv | © 2009 University of Pretoria. All rights reserved. The copyright in this work vests in the University of Pretoria. No part of this work may be reproduced or transmitted in any form or by any means, without the prior written permission of the University of Pretoria. |
| description | Thesis (PHD)--University of Pretoria, 2010. |
| format | Thesis |
| id | oai:repository.up.ac.za:2263/26683 |
| institution | University of Pretoria (South Africa) |
| last_indexed | 2026-06-10T12:38:00.699Z |
| license_str | Other — see source repository |
| provenance_str_mv | Harvested via OAI-PMH from UPSpace — University of Pretoria Institutional Repository |
| publishDate | 2013 |
| publishDateRange | 2013 |
| publishDateSort | 2013 |
| publisher | University of Pretoria |
| publisherStr | University of Pretoria |
| record_format | dspace |
| source_str | UPSpace — University of Pretoria Institutional Repository |
| spelling | oai:repository.up.ac.za:2263/26683 An aspect-oriented approach towards enhancing optimistic access control with usage control Eloff, Jan H.P. padayk@unisa.ac.za Padayachee, Keshnee Aspect-oriented programming Usage control Access control Optimistic access control UCTD Thesis (PHD)--University of Pretoria, 2010. With the advent of agile programming, lightweight software processes are being favoured over the highly formalised approaches of the 80s and 90s, where the emphasis is on "people, not processes". Likewise, access control may benefit from a less prescriptive approach and an increasing reliance on users to behave ethically. These ideals correlate with optimistic access controls. However, such controls alone may not be adequate as they are retrospective rather proactive. Optimistic access controls may benefit from the stricter enforcement offered by usage control. The latter enables finer-grained control over the usage of digital objects than do traditional access control policies and models, as trust management concerns are also taken into consideration. This thesis investigates the possibility of enhancing optimistic access controls with usage control to ensure that users conduct themselves in a trustworthy manner. Since this kind of approach towards access control has limited applicability, the present study investigates contextualising this approach within a mixed-initiative access control framework. A mixed-initiative access control framework involves combining a minimum of two access control models where the request to information is mediated by a mixture of access policy enforcement agents. In order for this type of integration to be successful, a software development approach was considered that allows for the seamless augmentation of traditional access control with optimistic access control enhanced with usage control, namely the aspect-oriented approach. The aspect-oriented paradigm can facilitate the implementation of additional security features to legacy systems without modifying existing code. This study therefore evaluates the aspect-oriented approach in terms of implementing security concerns. It is evidently difficult to implement access control and in dynamic environments preconfigured access control policies may often change dramatically, depending on the context. In unpredicted circumstances, users who are denied access could often have prevented a catastrophe had they been allowed access. The costs of implementing and maintaining complex preconfigured access control policies sometimes far outweigh the benefits. Optimistic controls are retrospective and allow users to exceed their normal privileges. However, if a user accesses information unethically, the consequences could be disastrous. Therefore it is proposed that optimistic access control be enhanced with some form of usage control, which may prevent the user from engaging in risky behaviour. An initiative towards including security in the earlier phases of the software life cycle is gaining momentum, as it is much easier to design with security from the onset than to use the penetrate-and-patch approach. Unfortunately, incorporating security into software development takes time and developers tend to focus more on the features of the software application. The aspect-oriented paradigm can facilitate the implementation of additional security features in legacy systems without modifying existing code. The current study evaluates the aspect-oriented approach towards enhancing optimistic access control with usage control. The efficacy of the aspect-oriented paradigm has been well established within several areas of software security, as aspect-orientation facilitates the abstraction of these security-related tasks so as to reduce code complexity. Computer Science unrestricted 2013-09-07T07:12:40Z 2010-09-16 2013-09-07T07:12:40Z 2010-07-26 2010-09-16 2010-07-26 Thesis Padayachee, K 2009, An aspect-oriented approach towards enhancing optimistic access control with usage , PhD thesis, University of Pretoria, Pretoria, viewed yymmdd < http://hdl.handle.net/2263/26683 > B10/541/ag http://hdl.handle.net/2263/26683 http://upetd.up.ac.za/thesis/available/etd-07262010-142652/ © 2009 University of Pretoria. All rights reserved. The copyright in this work vests in the University of Pretoria. No part of this work may be reproduced or transmitted in any form or by any means, without the prior written permission of the University of Pretoria. application/pdf application/pdf application/pdf application/pdf application/pdf application/pdf University of Pretoria |
| spellingShingle | Aspect-oriented programming Usage control Access control Optimistic access control UCTD An aspect-oriented approach towards enhancing optimistic access control with usage control |
| title | An aspect-oriented approach towards enhancing optimistic access control with usage control |
| title_full | An aspect-oriented approach towards enhancing optimistic access control with usage control |
| title_fullStr | An aspect-oriented approach towards enhancing optimistic access control with usage control |
| title_full_unstemmed | An aspect-oriented approach towards enhancing optimistic access control with usage control |
| title_short | An aspect-oriented approach towards enhancing optimistic access control with usage control |
| title_sort | aspect oriented approach towards enhancing optimistic access control with usage control |
| topic | Aspect-oriented programming Usage control Access control Optimistic access control UCTD |
| url | http://hdl.handle.net/2263/26683 http://upetd.up.ac.za/thesis/available/etd-07262010-142652/ |