Taming access control security: extending capabilities using the views relationship

The ‘views’ relationship indicates how an object‐oriented design can be clearly separated into objects and their corresponding interface. This paper uses the concept of ‘views’ in order to achieve full separation between the application and the security policy in the design and implementation. The r...

Full description

Saved in:
Bibliographic Details
Published inSoftware, practice & experience Vol. 32; no. 4; pp. 341 - 358
Main Authors Markiewicz, Marcus E., Lucena, Carlos J. P., Cowan, Donald D.
Format Journal Article
LanguageEnglish
Published Chichester, UK John Wiley & Sons, Ltd 10.04.2002
Subjects
abstract design objects
abstract design views
capability
e-commerce
end-user programming
reuse
security
subject-oriented programming
views
Online AccessGet full text

Cover

More Information
Summary:The ‘views’ relationship indicates how an object‐oriented design can be clearly separated into objects and their corresponding interface. This paper uses the concept of ‘views’ in order to achieve full separation between the application and the security policy in the design and implementation. The result is achieved by providing a model for capabilities using ‘views’ that is richer than the traditional capability model. In addition, a distributed access control model is shown to be effective through the use of Secure Object Communication Channels (SOCCs) to allow for secure connections at the object level. This security is applicable in the e‐commerce application domain, bringing security directly to the application ion level. Copyright © 2002 John Wiley & Sons, Ltd.
Bibliography:istex:E16F3EE8D19DB27E74096C7F66A0F785A9CC53C4
ark:/67375/WNG-867ZTG2R-Q
ArticleID:SPE440
ObjectType-Article-2
SourceType-Scholarly Journals-1
ObjectType-Feature-1
content type line 23
ISSN:0038-0644
1097-024X
DOI:10.1002/spe.440