Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
ECOOP
2009
Springer
2009
Springer
Fine-Grained Access Control with Object-Sensitive Roles
Role-based access control (RBAC) is a common paradigm to ensure that users have sufficient rights to perform various system operations. In many cases though, traditional RBAC does not easily express application-level security requirements. For instance, in a medical records system it is difficult to express that doctors should only update the records of their own patients. Further, traditional RBAC frameworks like Java's Enterprise Edition rely solely on dynamic checks, which makes application code fragile and difficult to ensure correct. We introduce Object-sensitive RBAC (ORBAC), a generalized RBAC model for object-oriented languages. ORBAC resolves the expressiveness limitations of RBAC by allowing roles to be parameterized by properties of the business objects being manipulated. We formalize and prove sound a dependent type system that statically validates a program's conformance to an ORBAC policy. We have implemented our type system for Java and have used it to validate...
Real-time TrafficECOOP 2009 | Generalized Rbac Model | Object-sensitive RBAC | Programming Languages | Traditional Rbac Frameworks |
Related Content
| Added | 22 Nov 2009 |
| Updated | 22 Nov 2009 |
| Type | Conference |
| Year | 2009 |
| Where | ECOOP |
| Authors | Jeffrey Fischer, Daniel Marino, Rupak Majumdar, Todd D. Millstein |
Comments (0)
Researcher Info
|
