Identification, Implementation and Validation of Authentication and Authorization pattern in Distributed System using Spring Security Framework
ketan kumar, kalpesh patel
Security pattern, secure software, software vulnerability, spring security framework.
Software Security is an important part of Software development as the risk from attackers is constantly evolving through increased exposure. The main drawback in current approach is more concerned towards software requirement and not towards the security requirement of the software in SDLC. There are various techniques to identify the vulnerabilities which can be eliminated with the help of security pattern in software development life cycle. But the main concern is about which pattern is more efficient and can eliminate the vulnerabilities efficiently. The Security pattern must be applied in the Design phase and validated using USE TOOL that all the threats are mitigated.
But Main aim is to identify the J2EEE pattern which can be implemented in spring Security Framework with the help of available Classes of Spring Security and this framework is more concern about Authentication and Authorization. So we are also focusing on both of this area. After identification of Security pattern it is tested in Design phase and checked Using USE TOOL whether it is mitigating all the threat and finally it is implemented in Spring Security Framework.