Extending Java']Java for package based access control

被引：1

作者：

Papa, M ^{[1
]}

Bremer, O ^{[1
]}

Chandia, R ^{[1
]}

Hale, J ^{[1
]}

Shenoi, S ^{[1
]}

机构：

[1] Univ Tulsa, Dept Comp Sci, Ctr Informat Secur, Tulsa, OK 74104 USA

来源：

16TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE, PROCEEDINGS | 2000年

关键词：

D O I：

10.1109/ACSAC.2000.898859

中图分类号：

TP3 [计算技术、计算机技术];

学科分类号：

0812 ;

摘要：

This paper describes an extension of the Java language that provides "programmable security." The approach augments the Java syntax with constructs for specifying various access control policies for Java packages, including DAC, MAC, RBAC and TBAC. A primitive ticket based mechanism serves as the foundation for programmable security. The implementation incorporates a preprocessor for language translation and a security service library that implements the ticket management infrastructure. The preprocessor translates the extended Java source code to native Java for eventual bytecode interpretation, simultaneously binding security services to the native code. The design is simple and flexible, and provides developers with an effective tool for "programming" security within Java packages.

引用

页码：67 / 76

页数：10

共 50 条

[1] Extending Java for package based access control
Center for Information Security, Department of Computer Science, Keplinger Hall, University of Tulsa, Tulsa
OK
74104, United States
[J]. Proceedings - Annual Computer Security Applications Conference, ACSAC, 2000, 2000-January : 67 - 76
[2] Access Control of Web and Java']Java Based Applications
Tso, Kam S.
Pajevski, Michael J.
Johnson, Bryan
[J]. 2011 IEEE 17TH PACIFIC RIM INTERNATIONAL SYMPOSIUM ON DEPENDABLE COMPUTING (PRDC), 2011, : 320 - 325
[3] Analysing the Java']Java package/access concepts in Isabelle/HOL
Schirmer, N
[J]. CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE, 2004, 16 (07): : 689 - 706
[4] Aspectizing Java']Java Access Control
Toledo, Rodolfo
Nunez, Angel
Tanter, Eric
Noye, Jacques
[J]. IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 2012, 38 (01) : 101 - 117
[5] On extending Java']Java
Krall, A
Vitek, J
[J]. MODULAR PROGRAMMING LANGUAGES, 1997, 1204 : 321 - 335
[6] JCCAP: Capability-based access control for Java']Java Card
Hagimont, D
Vandewalle, JJ
[J]. SMART CARD RESEARCH AND ADVANCED APPLICATIONS, 2000, 52 : 365 - 388
[7] Role-based access control on the web using Java']Java™
Giuri, L
[J]. FOURTH ACM WORKSHOP ON ROLE-BASED ACCESS CONTROL, PROCEEDINGS, 1999, : 11 - 18
[8] A distributed access control model for Java']Java
Molva, R
Roudier, Y
[J]. COMPUTER SECURITY - ESORICS 2000, PROCEEDINGS, 2000, 1895 : 291 - 308
[9] Java']Java annotated concurrency based on the concurrent package
Zhu, Hong
Yin, Zhaolin
Ding, Ying
[J]. SEVENTH INTERNATIONAL CONFERENCE ON PARALLEL AND DISTRIBUTED COMPUTING, APPLICATIONS AND TECHNOLOGIES, PROCEEDINGS, 2006, : 38 - +
[10] Security Enhanced Java']Java: Mandatory Access Control for the Java']Java Virtual Machine
Venelle, Benjamin
Briffaut, Jeremy
Clevy, Laurent
Toinard, Christian
[J]. 2013 IEEE 16TH INTERNATIONAL SYMPOSIUM ON OBJECT/COMPONENT/SERVICE-ORIENTED REAL-TIME DISTRIBUTED COMPUTING (ISORC), 2013,

← 1 2 3 4 5 →