Securing FrameWeb: Supporting Role-based Access Control in a Framework-based Design Method for Web Engineering

  • Rodolfo Costa do Prado UFES
  • Vítor E. Silva Souza UFES

Resumo


FrameWeb is a method for the development of Web-based Information Systems whose architectures are based on popular types of frameworks, such as Front Controller, Dependency Injection and Object/Relational Mapping frameworks. Also commonly used, Security Frameworks provide role-based access control through authentication and authorization features that can be reused if properly configured. In this paper, we extend FrameWeb to support Security Frameworks, allowing developers to model the aforementioned features in architectural design models using a graphical editor and generating code for the configuration of the framework and related artifacts. The proposal is validated using the code generator and comparing with artifacts from real projects.
Palavras-chave: Web Engineering, Frameworks, FrameWeb, Authentication, Authorization, Role-based Access Control, Code Generation
Publicado
16/10/2018
Como Citar

Selecione um Formato
DO PRADO, Rodolfo Costa; SILVA SOUZA, Vítor E.. Securing FrameWeb: Supporting Role-based Access Control in a Framework-based Design Method for Web Engineering. In: SIMPÓSIO BRASILEIRO DE SISTEMAS MULTIMÍDIA E WEB (WEBMEDIA), 24. , 2018, Salvador. Anais [...]. Porto Alegre: Sociedade Brasileira de Computação, 2018 . p. 213-220.