Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ACISP
1998
Springer
1998
Springer
Meta Objects for Access Control: Role-Based Principals
Abstract. Most current object-based distributed systems support access control lists for access control. However, it is difficult to determine which principal information to use for authentication of method calls. Domain-based and thread-based principals suffer from the problem of privileges being leaked. Malicious objects can trick privileged objects or threads to accidently use their privileges (UNIX s-bit problem). We introduce role-based principals to solve this problem. Each object reference may be associated with a role, which determines trust, authentication and permissible data flow via the reference. An object may act in different roles when interacting with different other parties. Exchanged references automatically inherit the role. By initially defining such roles, stablish a security policy on a very high abstraction level. Our security model is based on meta objects: principal meta objects provide principal information for method invocation, access control meta objects im...
Real-time TrafficRelated Content
| Added | 05 Aug 2010 |
| Updated | 05 Aug 2010 |
| Type | Conference |
| Year | 1998 |
| Where | ACISP |
| Authors | Thomas Riechmann, Jürgen Kleinöder |
Comments (0)
Researcher Info
|
