Chapter 5. Access Control
Access control mechanisms that specify and enforce rules about who can access what form the basis for protecting and sharing resources among users of a multi-user system. To understand the basic idea behind access control, think of multi-user operating systems such as the different flavors of UNIX, Linux, and newer versions of MS Windows. These systems store user data in files. A user can keep a particular file private or share it with others in read-only or read-write mode. The operating system enforces the access control rules based on permissions associated with the files. Internally, these two families of operating systems take substantially different approaches to the same problem. Under UNIX and Linux systems, the file access control mechanism can be summarized (with some loss of precision) as follows: a file has an owner and a group, and different access rights (read, write or execute) can be specified separately for the owner, group members and others. Windows NT and Windows 2000 have a more expressive, but somewhat complex, mechanism to specify similar access rights.
Though the topic of access control often comes up in the context of operating systems, it is important to keep in mind that there are other multi-user systems that have a legitimate need for such mechanisms. Middleware systems such as RDBMSs (Relational Database Management Systems), transaction management systems, enterprise messaging systems, Web servers, and so on, need to provide restricted access to resources under their control. Similarly, multi-user enterprise applications, built on top of operating systems and middleware systems, employ access control mechanisms to protect data and ensure correct operation and integrity of the system.
In some scenarios, especially when you run programs downloaded from the Internet, there is a need to control access based not only on who is running the program but also on where the code came from. You certainly don't want a game program downloaded from some website to read the financial data stored on your hard disk. At the same time, you may not mind sharing the same data files with a program downloaded from your bank's website as an aid to prepare tax filings. Although not very common in most computing environments, such a code-centric view of access control has been the driving force for Java's security model during the initial years of its evolution.
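The UNIX check summarized above can be modeled in a few lines. This is an added illustration, not code from the book; the function names and the sample UIDs and GIDs are constructed, and ACLs and the superuser bypass are left out. It makes one detail of the summary explicit: exactly one class of bits (owner, then group, then others) is consulted, so an owner can be denied access that others are granted.

```python
import stat

# Access rights as they appear in each 3-bit class of the file mode.
READ, WRITE, EXECUTE = 4, 2, 1


def allowed(mode, file_uid, file_gid, uid, gids, want):
    """Return True if a process (uid, gids) may perform `want` on the file.

    Simplified model: classic mode bits only, no ACLs, no superuser.
    Exactly one class is selected in the order owner -> group -> others;
    a later class is never used as a fallback for an earlier one.
    """
    if uid == file_uid:
        bits = (mode >> 6) & 7      # owner class
    elif file_gid in gids:
        bits = (mode >> 3) & 7      # group class
    else:
        bits = mode & 7             # others class
    return (bits & want) == want


def describe(mode):
    """Render the nine permission bits as `ls -l` does, e.g. rw-r-----."""
    return stat.filemode(mode)[1:]  # drop the file-type character


if __name__ == "__main__":
    # Constructed sample principals: (uid, set of gids).
    alice = (1000, {1000, 2000})    # file owner, also in group 2000
    bob = (1001, {1001, 2000})      # member of the file's group
    carol = (1002, {1002})          # neither owner nor group member

    for mode in (0o640, 0o064):     # 0o064: owner has fewer rights than others
        print(describe(mode))
        for name, (uid, gids) in (("alice", alice), ("bob", bob), ("carol", carol)):
            r = allowed(mode, 1000, 2000, uid, gids, READ)
            w = allowed(mode, 1000, 2000, uid, gids, WRITE)
            print(f"  {name}: read={r} write={w}")
```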
The field of access control technology is well researched and a wealth of knowledge exists. Keeping in line with the main focus of this book as a practitioner's tool, we skip the theoretical discussion, and simply go over some of the practical aspects of access control technology.
In a number of ways the Java platform is like middleware, sitting on top of the operating system and providing an execution environment and other services to applications. What are the specific access control requirements for such middleware? We answer this shortly. To start with, let us take a quick tour of Java access control features.