A Type System for Access Control Views in Object-Oriented Languages

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Access control to objects in common object-oriented languages is statically verified but cannot be changed at run-time. However, dynamic authorization is required by most applications and it would be desirable to check more flexible access control policies also statically, at least partially. In this work, we introduce a model where "views" to object references represent the current access control policy of a principal for a given object, and first class authorizations support dynamic modification of those policies. To demonstrate our concepts, we have developed a core language, equipped with a provably correct type and effect system capable of detecting unauthorized method calls at compile-time, and defined and implemented a typechecking algorithm.
Original languageUnknown
Title of host publicationLecture Notes in Computer Science
Pages59-76
DOIs
Publication statusPublished - 1 Jan 2010
EventAutomated Reasoning for Security Protocol Analysis and Issues in the Theory of Security (ARSPA-WITS) -
Duration: 1 Jan 2010 → …

Conference

ConferenceAutomated Reasoning for Security Protocol Analysis and Issues in the Theory of Security (ARSPA-WITS)
Period1/01/10 → …

Cite this