Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ACSC
2002
IEEE
2002
IEEE
Bracket Capabilities for Distributed Systems Security
The per-method access control lists of standard middleware technologies allow only simple forms of access control to be expressed and enforced. Research systems based on capabilities provide a more secure mechanism but also fail to support more flexible security constraints such as parameter restrictions, logging and state-dependent access. They also fail to enforce a strict need-to-know view of a persistent object for each user. In this paper we present the concept of bracket capabilities as a new, simple security mechanism which fulfils these requirements. We discuss the reasons for integrating bracketing and view types at a fundamental level of the security mechanism. We demonstrate the use of the mechanism in a simple Ecommerce environment to provide secure electronic cheques and describe a prototype implementation of the mechanism in middleware for secure, distributed Java applications.
Real-time TrafficACSC 2002 | Secure Mechanism | Security Mechanism | Simple Security Mechanism | Theoretical Computer Science |
Related Content
| Added | 14 Jul 2010 |
| Updated | 14 Jul 2010 |
| Type | Conference |
| Year | 2002 |
| Where | ACSC |
| Authors | Mark Evered |
Comments (0)
Researcher Info
|
