Research Article
Secure Scripting Based Composite Application Development: Framework, Architecture, and Implementation
@INPROCEEDINGS{10.1109/COLCOM.2007.4553815, author={Tom Dinkelaker and Alisdair Johnstone and Yuecel Karabulut and Ike Nassi}, title={Secure Scripting Based Composite Application Development: Framework, Architecture, and Implementation}, proceedings={3rd International ICST Conference on Collaborative Computing: Networking, Applications and Worksharin}, publisher={IEEE}, proceedings_a={COLLABORATECOM}, year={2008}, month={6}, keywords={Scripting security composite application}, doi={10.1109/COLCOM.2007.4553815} }- Tom Dinkelaker
Alisdair Johnstone
Yuecel Karabulut
Ike Nassi
Year: 2008
Secure Scripting Based Composite Application Development: Framework, Architecture, and Implementation
COLLABORATECOM
IEEE
DOI: 10.1109/COLCOM.2007.4553815
Abstract
Dynamic scripting languages such as Ruby provide language features that enable developers to express their intent more rapidly and with fewer expressions. Organizations started using these languages in order to add enhancements to their existing applications or create composite applications. Current research has not yet addressed how security specification and enforcement can be done for scripting based application development. To fill this gap, we developed a framework for the design and facilitation of security. Our approach enables a business oriented application developer to add high-level security intentions to his business process model. The framework supports the automatic generation of security configuration and enforcement. As a proof-of-concept, we present an architecture and report the implementation status
