Reflective authorization systems: possibilities, benefits, and drawbacks

Authors:
Massimo Ancona;Walter Cazzola;Eduardo B. Fernandez
Affiliations:
-;-;-
Venue:
Secure Internet programming
Year:
2001

Citing 12
Cited 4

Concepts and experiments in computational reflection

OOPSLA '87 Conference proceedings on Object-oriented programming systems, languages and applications
Transparency and reflection in distributed systems

ACM SIGOPS Operating Systems Review
Role-Based Access Control Models

Computer
Determining role rights from use cases

RBAC '97 Proceedings of the second ACM workshop on Role-based access control
Exception-based information flow control in object-oriented systems

ACM Transactions on Information and System Security (TISSEC)
Flexible control of downloaded executable content

ACM Transactions on Information and System Security (TISSEC)
Protection in operating systems

Communications of the ACM
Database Security and Integrity

Database Security and Integrity
Evaluation of Object-Oriented Reflective Models

ECOOP '98 Workshop ion on Object-Oriented Technology
Protection

ACM SIGOPS Operating Systems Review
Paths: Programming with System Resources in Support of Real-Time Distributed Applications

WORDS '96 Proceedings of the 2nd Workshop on Object-Oriented Real-Time Dependable Systems (WORDS '96)
Escort: A Path-Based OS Security Architecture

Escort: A Path-Based OS Security Architecture

A Reflective Active Network Node

IWAN '00 Proceedings of the Second International Working Conference on Active Networks
Reflections on MOPs, Components, and Java Security

ECOOP '01 Proceedings of the 15th European Conference on Object-Oriented Programming
A Specification Language for Distributed Policy Control

ICICS '02 Proceedings of the 4th International Conference on Information and Communications Security
A Simple Security-Aware MOP for Java

REFLECTION '01 Proceedings of the Third International Conference on Metalevel Architectures and Separation of Crosscutting Concerns

Quantified Score

Hi-index	0.01

Visualization

Abstract

We analyze how to use the reflective approach to integrate an authorization system into a distributed object-oriented framework. The expected benefits from the reflective approach are: more stability of the security layer (i.e., with a more limited number of hidden bugs), better software and development modularity, more reusability, and the possibility to adapt the security module with at most a few changes to other applications. Our analysis is supported by simple and illustrative examples written in Java.