BTA: Architecture for Reusable Business Tier Components with Access Control

  • Conference paper
Computational Science and Its Applications – ICCSA 2012 (ICCSA 2012)

Part of the book series: Lecture Notes in Computer Science (LNTCS, volume 7335)

Abstract

Currently, business tiers for relational database applications are mostly built from software artifacts, among which Java Persistence API, Java Database Connectivity and LINQ are three representatives. Those software artifacts were mostly devised to address the impedance mismatch between the object-oriented and the relational paradigms. Key aspects such as reusable business tier components and access control to data residing inside relational databases have not been addressed. To tackle these two aspects, this research proposes an architecture, referred to here as Business Tier Architecture (BTA), for developing reusable business tier components that enforce access control policies on data residing inside relational database management systems. Besides BTA, this paper also presents a proof of concept based on Java and on Java Database Connectivity (JDBC).


© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Pereira, Ó.M., Aguiar, R.L., Santos, M.Y. (2012). BTA: Architecture for Reusable Business Tier Components with Access Control. In: Murgante, B., et al. Computational Science and Its Applications – ICCSA 2012. ICCSA 2012. Lecture Notes in Computer Science, vol 7335. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-31137-6_52

  • DOI: https://doi.org/10.1007/978-3-642-31137-6_52

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-31136-9

  • Online ISBN: 978-3-642-31137-6

  • eBook Packages: Computer Science, Computer Science (R0)
