A data modeling approach for office information systems
ACM Transactions on Information Systems (TOIS)
Using encryption for authentication in large networks of computers
Communications of the ACM
Programming semantics for multiprogrammed computations
Communications of the ACM
ACM SIGOPS Operating Systems Review
Adding capability access to conventional file servers
ACM SIGOPS Operating Systems Review
On security in capability-based systems
ACM SIGOPS Operating Systems Review
Hi-index | 0.00 |
A method of handling form-like documents is discussed. Documents which are protected from unauthorised access by encrypted checksums can be freely passed around a distributed, heterogeneous computer system. Multiple servers support multiple document types. A document may have several versions permitting parallel processing with optimistic concurrency control. Access control lists were found to be more suitable than capability-based schemes. Access control lists stored within the document (and protected by the checksum) were found to be useful in not requiring all servers to have information on all current instances of a document type and in permitting different document versions to have different ACLs. This allowed closer adherence to the principle of least privilege. Copyable access rights are supported to permit the flexible sharing thought most suitable for the application. The ability to audit the processing of a document was found to effect the choice of access control mechanism.