Sciweavers

Share
ESORICS
2006
Springer

Discretionary Capability Confinement

9 years 5 months ago
Discretionary Capability Confinement
Motivated by the need of application-level access control in dynamically extensible systems, this work proposes a static annotation system for modeling capabilies in a Java-like programming language. Unlike previous language-based capability systems, the proposed annotation system can provably enforce capability confinement. This confinement guarantee is leveraged to model a strong form of separation of duty known as hereditary mutual suspicion. The annotation system has been fully implemented in a standard Java Virtual Machine.
Philip W. L. Fong
Added 22 Aug 2010
Updated 22 Aug 2010
Type Conference
Year 2006
Where ESORICS
Authors Philip W. L. Fong
Comments (0)
books