Abstract
In object-oriented systems, data and methods of a class are inherited by lower-level classes according to the is-a hierarchy. It is difficult to specify access rules for every class and object, because the system is composed of various types of classes, and objects which are dynamically created and dropped. If access rules on some class could be reused for other classes, the access rules are easily specified. This paper discusses how to inherit access rules in hierarchical structure of classes and objects.
Chapter PDF
References
Bell, D. E. and LaPadula, L. J., “Secure Computer Systems: Mathematical Fousdations and Model,” Mitre Corp. Report, No.M74-244, 1975.
Dittrich K R, Haertig M, Pfefferle H., “Discretionary Access Control in Structurally Object-Oriented Database Systems,” Database Security 2, pp105–121, 1989.
Grosling, J. and McGilton, H., “The Java Language Environment,” Sun Microsystems, Inc., 1996.
Lampson, B. W., “Protection,” Proc. of the 5th Princeton Symp. on. Information Sciences and Systems, 1971, pp.437–443.
Thuraisingham, M. B., “Mandatory Security in Object-Oriented Database Systems,” ACM Sigplan Note, Vol. 24,No. 10, 1989 pp.203–210.
Object Management Group Inc., “The Common Object Request Broker: Architecture and Specification,” Rev. 2.1, 1997.
Oracle Corporation, “Oracle8i Concepts”, Vol. 1, Release 8.1.5, 1999.
Samarati, P., Bertino, E., Ciampichetti, A., and Jajodia, S., “Information Flow Control in Object-Oriented Systems,” IEEE Trans. on Knowledge and Data Engineering, Vol. 9,No. 4, 1997, pp. 254–238.
Sandhu, R. S., Coyne, E. J., Feinstein, H. L., and Youman, C. E., “Role-Based Access Control Models,” IEEE Computer, Vol. 29,No. 2, 1996, pp. 38–47.
Spooner, D., “The Impact of Inheritance on Security in Object-Oriented Database System,” Database Security 2, 1989, pp. 141–150
Stroustrup, B., “The C++ Programming Language (2nd ed.),” Addison-Wesley, 1991.
Yasuda, M., Higaki, H., and Takizawa, M., “A Purpose-Oriented Access Control Model for Information Flow Management,” Proc of 14th IFIP. Int’l Information Security Conf. (IFIP’98), 1998, pp. 230–239.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 Kluwer Academic Publishers
About this chapter
Cite this chapter
Izaki, K., Tanaka, K., Takizawa, M. (2002). Authorization Model in Object-Oriented Systems. In: Thuraisingham, B., van de Riet, R., Dittrich, K.R., Tari, Z. (eds) Data and Application Security. IFIP International Federation for Information Processing, vol 73. Springer, Boston, MA. https://doi.org/10.1007/0-306-47008-X_33
Download citation
DOI: https://doi.org/10.1007/0-306-47008-X_33
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-7923-7514-2
Online ISBN: 978-0-306-47008-0
eBook Packages: Springer Book Archive