A declarative authentication and authorization framework for convergent IMS/Web application servers based on aspect oriented code injection

摘要

Incorporating security to large Java applications is a tricky and sometimes difficult task, which may increase code complexity, development costs and unmaintainability. For these reasons, some frameworks are emerging which facilitate the inclusion of security processes (i.e. authentication and authorization) in a declarative way through aspect weaving. In this context, ACEGI is the reference framework being used today by thousands of large web applications. However, there is not such a framework when dealing with SIP/IMS development. In this direction, the objective of this paper is to present an extension of ACEGI, which enables developers a seamless use of this powerful framework for creating secured Java applications based on SIP. This approach has a number of advantages including the fact that authorization and authentication processes can be incorporated easily into SIP/IMS applications and that we can use the same security framework for developing convergent SIP/Web secured applications without the need of duplicating the security code.