Sharing and protection in a single-address-space operating system
ACM Transactions on Computer Systems (TOCS) - Special issue on computer architecture
Capability-Based Computer Systems
Capability-Based Computer Systems
The Java Language Specification
The Java Language Specification
Mobile Agents: Are They a Good Idea?
MOS '96 Selected Presentations and Invited Papers Second International Workshop on Mobile Object Systems - Towards the Programmable Internet
The Cambridge CAP computer and its operating system (Operating and programming systems series)
The Cambridge CAP computer and its operating system (Operating and programming systems series)
Hi-index | 0.00 |
This paper describes a capability-based access control mechanism implemented on a Java environment. In this scheme, access to objects is controlled by means of software capabilities that can be exchanged between mutually suspicious interacting applications. Each application defines the access control rules that must be enforced when interacting with other applications. The definition of access right is managed as a non-functional aspect in the sense it is completely separated from the application code, thus enforcing modularity and ease of expression. It is described in an extended Interface Definition Language (IDL) at the interface level. We have experimented with two prototypes that show how this access control mechanism can be efficiently implemented on a standard Java environment.