Sciweavers

NSPW
1998
ACM

Meta Objects for Access Control: a Formal Model for Role-Based Principals

13 years 8 months ago
Meta Objects for Access Control: a Formal Model for Role-Based Principals
Object-based programming is becoming more and more popular and is currently conquering the world of distributed programming models. In object-based systems access control is often based on capabilities, despite the difficulty to keep track of their distribution. Access control lists are used only rarely, as information about the principal on whose behalf an operation is to be executed is needed and it is difficult to determine which principal information to use for a specific method invocation. Current object-based systems use domain-based or thread-based principals. Domains or threads are associated with principals. If a specific object or a specific thread invokes a method, the invocation is always executed on that principal’s behalf. Both policies suffer from the reference proxy problem: A low privileged object can pass references to a highly privileged object and may animate it to call methods with its high privileges via these obtained references (Unix S-bit problem). As t...
Thomas Riechmann, Franz J. Hauck
Added 05 Aug 2010
Updated 05 Aug 2010
Type Conference
Year 1998
Where NSPW
Authors Thomas Riechmann, Franz J. Hauck
Comments (0)