Name: RODOLFO COSTA DO PRADO
Publication date: 15/04/2020
Advisor:
| Name | Role |
|---|---|
| VÍTOR ESTÊVÃO SILVA SOUZA | Advisor * |
Examining board:
| Name | Role |
|---|---|
| VÍTOR ESTÊVÃO SILVA SOUZA | Advisor * |
| DAVIDSON CURY | Internal Examiner * |
Summary: FrameWeb is a method for the development of Web-based Information Systems whose
architectures are based on popular types of frameworks, such as Front Controller, Dependency
Injection and Object/Relational Mapping frameworks. Also commonly used, Security
Frameworks provide role-based access control through authentication and authorization
features that can be reused if properly configured. In this work, we extend FrameWeb
to support Security frameworks, allowing developers to model the aforementioned features
in architectural design models using a graphical editor and generating code for the
configuration of the framework and related artifacts.
The Role Based Access Control (RBAC) policy was used as a guideline for the extensions
on the method. It proposes access control using roles that can be imbued to users inside
an application, each role has a set of permissions for the execution of operations on system
data.
The proposal was first validated by generating code based on models and comparing
with artifacts from real projects. A second validation was made by students of Computer
Science, that used the proposals of this work to develop web applications with security
frameworks, then provided feedback on the experiment.
