abstract

Exploiting modular access control for advanced policies

Author:

Rodolfo ToledoAuthors Info & Claims

AOSD '11: Proceedings of the tenth international conference on Aspect-oriented software development companion

Pages 87 - 88

https://doi.org/10.1145/1960314.1960348

Published: 21 March 2011 Publication History

Get Access

Abstract

In previous work we successfully modularized the Java access control architecture. The approach consists in expressing access control using restriction aspects scoped with an appropriate scoping strategy. In this work we briefly explore how restriction aspects and scoping strategies make it possible to express novel and useful access control policies in a direct manner.

References

[1]

C. Fournet and A. D. Gordon. Stack inspection: theory and variants. ACM Transactions on Programming Languages and Systems (TOPLAS), 25(3):360 -- 399, 2003.

Digital Library

Google Scholar

[2]

N. Hardy. The confused deputy. SIGOPS Operating Systems Review, 22(4):36--38, 1988.

Digital Library

Google Scholar

[3]

M. S. Miller. Robust Composition: Towards a Unified Approach to Access Control and Concurrency Control. PhD thesis, John Hopkins University, Baltimore, Maryland, USA, May 2006.

Digital Library

Google Scholar

[4]

J. H. Saltzer and M. D. Schroeder. The protection of information in computer systems, 1975.

Google Scholar

[5]

P. Samarati and S. D. C. di Vimercati. Access control: Policies, models, and mechanisms. In Foundations of Security Analysis and Design, volume 2171 of Lecture Notes in Computer Science, pages 137--196. Springer Berlin / Heidelberg, London, UK, 2001.

Digital Library

Google Scholar

[6]

É. Tanter. Expressive scoping of dynamically-deployed aspects. In Proceedings of the 7th ACM International Conference on Aspect-Oriented Software Development (AOSD 2008), pages 168--179, Brussels, Belgium, Apr. 2008. ACM Press.

Digital Library

Google Scholar

[7]

R. Toledo, A. Núnez, É. Tanter, and J. Noyé. Aspectizing Java Access Control. IEEE Transactions on Software Engineering, 2011. In Press.

Digital Library

Google Scholar

[8]

D. Wallach and E. Felten. Understanding Java stack inspection. In Proceedings of the IEEE Symposium on Security and Privacy, pages 52--63, 1998.

Crossref

Google Scholar

Index Terms

Exploiting modular access control for advanced policies
1. Software and its engineering
  1. Software creation and management
    1. Software development techniques
      1. Reusability
  2. Software notations and tools
    1. Software libraries and repositories

Recommendations

Secure and modular access control with aspects
AOSD '13: Proceedings of the 12th annual international conference on Aspect-oriented software development

Can access control be fully modularized as an aspect? Most proposals for aspect-oriented access control are limited to factoring out access control checks, still relying on a non-modular and ad hoc infrastructure for permission checking. Recently, we ...
Configuring role-based access control to enforce mandatory and discretionary access control policies

Access control models have traditionally included mandatory access control (or lattice-based access control) and discretionary access control. Subsequently, role-based access control has been introduced, along with claims that its mechanisms are general ...
Aspectizing Java Access Control

It is inevitable that some concerns crosscut a sizeable application, resulting in code scattering and tangling. This issue is particularly severe for security-related concerns: It is difficult to be confident about the security of an application when ...

Comments

Information & Contributors

Information

Published In

AOSD '11: Proceedings of the tenth international conference on Aspect-oriented software development companion

March 2011

102 pages

ISBN:9781450306065

DOI:10.1145/1960314

General Chair:
Paulo Borba
Federal University of Pernambuco, Brazil
,
Program Chair:
Shigeru Chiba
Tokyo Institute of Technology, Japan

In-Cooperation

Centro de Informatica - UFPE: Centro de Informatica - UFPE
CAPES: Coordençãao de Aperfeiçoamento de Pessoal de Nível Superior
CNPq: Conselho Nacional de Desenvolvimento Cientifico e Tecn
FINEP: Financiadora de Estudos e Projetos
PUC-Rio
FACEPE: Fundacao de Amparo a Ciencia e Tecnologia do Estado de Pernambuco

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 21 March 2011

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Abstract

Conference

AOSD'11

Sponsor:

AOSD'11: Tenth International Conference on Aspect-Oriented Software Development

March 21 - 25, 2011

Porto de Galinhas, Brazil

Acceptance Rates

Overall Acceptance Rate 41 of 139 submissions, 29%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

0
Total Citations
80
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 08 Mar 2025

Other Metrics

View Author Metrics

Citations

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Full Access

Get this Publication

View options

PDF

View or Download as a PDF file.

PDF

eReader

View online with eReader.

eReader

Abstract

References

Index Terms

Recommendations

Secure and modular access control with aspects

Configuring role-based access control to enforce mandatory and discretionary access control policies

Aspectizing Java Access Control

Comments

Information

Published In

Sponsors

In-Cooperation

Publisher

Publication History

Permissions

Check for updates

Author Tags

Qualifiers

Conference

Acceptance Rates

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Login options

Full Access

View options

PDF

eReader

Share

Share this Publication link

Share on social media

Affiliations