Konstantin Beznosov

16 October 2005

Abstract: This tutorial provides an overview of access control mechanisms in two most popular commercial middleware technologies, COM+ and EJB. Three main aspects of the mechanisms are explained: a) how enforcement of the access control policies is done, b) the main elements of each technology access control model, and c) the types of policies supported. The technologies are compared, in respect to access control, against each other. Their advantages and disadvantages are discussed.

Keyword(s): EJB ; COM+ ; distributed systems security ; access control

Published in: Konstantin Beznosov, "Access Control Architectures: COM+ vs. EJB," tutorial has been given at the JavaPolis, Antwerpen, Belgium, 16 December, 2004. :