Internet Resource Access Control - The Butterfly Model

摘要

E-business requires access control for all kinds of resources offered via the Internet to enable World Wide Web security. This access control should be centralized, e.g., to guarantee completeness and to avoid administration handling errors. Therefore a generic model would be helpful to reflect as many as possible aspects of applications and data to be protected, and to allow not only the construction of a single point of administration, but also an almost unique procedure for the administration of all kinds of resources, users, and rights. This model should be compact, efficient, and high-performing. Furthermore it should be usable in a distributed and heterogeneous environment even with respect to maintenance and data consistency aspects. The butterfly model gives a possible approach to that aim. In this paper, we focus on authorization topics, even if the other "AAA" topics - authentication, authorization, and auditing - are included in the butterfly model concept, too. We show, how our graphically organized approach makes the EJB modeling more intuitively. Our concept enriches the J2EE standard with protection possibilities even for bean instances. We give an example for that EJB resource modeling technique.