Taming access control security: extending capabilities using the views relationship

Authors:
Marcus E. Markiewicz;Carlos J. P. Lucena;Donald D. Cowan
Affiliations:
Laboratório de Engenharia de Software (LES), Departmento de Informática, Pontifícia Universidade Católica, Rio de Janeiro 22460, RJ, Brazil;Laboratório de Engenharia de Software (LES), Departmento de Informática, Pontifícia Universidade Católica, Rio de Janeiro 22460, RJ, Brazil;Computer Science Department and Computer Systems Group, University of Waterloo, Waterloo, Ontario, Canada
Venue:
Software—Practice & Experience
Year:
2002

Citing 18
Cited 0

Application integration: constructing composite applications from interactive components

Software—Practice & Experience
Subject-oriented programming: a critique of pure objects

OOPSLA '93 Proceedings of the eighth annual conference on Object-oriented programming systems, languages, and applications
Design patterns: elements of reusable object-oriented software

Design patterns: elements of reusable object-oriented software
Abstract Data Views: An Interface Specification Concept to Enhance Design for Reuse

IEEE Transactions on Software Engineering
Applied cryptography (2nd ed.): protocols, algorithms, and source code in C

Applied cryptography (2nd ed.): protocols, algorithms, and source code in C
Roles: conceptual abstraction theory and practical language issues

Theory and Practice of Object Systems - Special issue on subjectivity in object-oriented systems
Pattern-oriented software architecture: a system of patterns

Pattern-oriented software architecture: a system of patterns
Cryptography and network security (2nd ed.): principles and practice

Cryptography and network security (2nd ed.): principles and practice
Meta objects for access control: extending capability-based security

NSPW '97 Proceedings of the 1997 workshop on New security paradigms
The Unified Modeling Language user guide

The Unified Modeling Language user guide
N degrees of separation: multi-dimensional separation of concerns

Proceedings of the 21st international conference on Software engineering
Subject-oriented design: towards improved alignment of requirements, design, and code

Proceedings of the 14th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
A method for obtaining digital signatures and public-key cryptosystems

Communications of the ACM
On the criteria to be used in decomposing systems into modules

Communications of the ACM
Handbook of Applied Cryptography

Handbook of Applied Cryptography
Understanding Public-Key Infrastructure: Concepts, Standards, and Deployment Considerations

Understanding Public-Key Infrastructure: Concepts, Standards, and Deployment Considerations
A formulation of an extended object model using views

A formulation of an extended object model using views
A formal theory for the views-a relationship

3FACS'98 Proceedings of the 3rd BCS-FACS conference on Northern Formal Methods

Quantified Score

Hi-index	0.01

Visualization

Abstract

The 'views' relationship indicates how an object-oriented design can be clearly separated into objects and their corresponding interface. This paper uses the concept of 'views' in order to achieve full separation between the application and the security policy in the design and implementation. The result is achieved by providing a model for capabilities using 'views' that is richer than the traditional capability model. In addition, a distributed access control model is shown to be effective through the use of Secure Object Communication Channels (SOCCs) to allow for secure connections at the abstract object level. This security is applicable in the e-commerce application domain, bringing security directly to the application abstraction level.