Abstract
This paper focuses on “programmable security” for object-oriented systems and languages. A primitive distributed object model is used to capture the essence of object behavior and access control schemes. This model can be used to construct virtually any distributed object language or system while supporting a spectrum of decentralized authorization models.
Chapter PDF
Similar content being viewed by others
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Abadi, M. and Cardelli, L. (1996) A theory of primitive objects: Untyped and first-order systems. Information and Computation, 125 (2), 78–102.
Agha, G.A. (1986) ACTORS: A Model of Concurrent Computation in Distributed Systems. MIT Press, Cambridge, Massachusetts.
Bertino, E., Jajodia, S. and Samarati, P. (1996) Supporting multiple access control policies in database systems. Proceedings of the IEEE Symposium on Research in Security and Privacy, 94–109.
Bertino, E., Origgi, F. and Samarati, P. (1994) A new authorization model for object-oriented databases, in Database Security, VIII: Status and Prospects (eds. J. Biskup et al.), Elsevier, Amsterdam, 199–222.
Dean, D., Felten, E. and Wallach, D. (1996) Java security: From HotJava to Netscape and beyond. Proceedings of the IEEE Symposium on Research in Security and Privacy, 190–200.
Dittrich, K., Hartig, M. and Pfefferle, H. (1989) Discretionary access control in structurally object-oriented database systems, in Database Security, II: Status and Prospects (ed. C. Landwehr ), Elsevier, Amsterdam, 105–121.
Gal-Oz, N., Guddes, E. and Fernandez, E.B. (1993) A model of methods access authorization in object-oriented databases. Proceedings of the 19th International Conference on Very Large Databases, 52–61.
Gilgor, V., Huskamp, J., Welke, S., Linn, C. and Mayfield, W. (1987) Traditional capability-based systems: An analysis of their ability to meet the trusted computer security evaluation criteria, IDA Paper P-1935, Institute for Defense Analyses, Alexandria, Virginia.
Hale, J., Threet, J. and Shenoi, S. (1998) Capability-based primitives for access control in object-oriented systems, in Database Security, XI: Status and Prospects (eds. T.Y. Lin and X. Qian ), Chapman and Hall, London, 134–150.
Jajodia, S. and Kogan, B. (1990) Integrating an object-oriented data model with multilevel security. Proceedings of the IEEE Symposium on Research in Security and Privacy, 76–85.
Jonscher, D. and Dittrich, K.R. (1995) Argos — A configurable access control system for interoperable environments, in Database Security, IX: Status and Prospects (eds. D. Spooner et al.), Chapman and Hall, London, 43–60.
Nicomette, V. and Deswarte, Y. (1997) An authorization scheme for distributed object systems. Proceedings of the IEEE Symposium on Research in Security and Privacy, 31–40.
Rabitti, F., Bertino, E., Kim, W. and Woelk, D. (1991) A model of authorization for next-generation database systems. ACM Transactions on Database Systems, 16 (1), 88–133.
Rosenberry, W., Kenney, D. and Fisher, G. (1993) Understanding DCE. O’Reilly and Associates, Inc., Sebastopal, California.
Rosenthal, A., Williams, J., Herndon, W. and Thuraisingham, B. (1994) A fine grained access control model for object-oriented DBMSs, in Database Security, VIII: Status and Prospects (eds. J. Biskup et al.), Elsevier, Amsterdam, 319–334.
Stefik, M. and Bobrow, D.G. (1985) Object-oriented programming. Themes and variations. AI Magazine, 6 (4), 40–62.
Van Doom, L., Abadi, M., Burrows, M. and Wobber, E. (1996) Secure network objects. Proceedings of the IEEE Symposium on Research in Security and Privacy, 211–221.
Wiederhold, G. (1992) Mediators in the architecture of future information systems: A new approach. IEEE Computer, 25 (3), 38–49.
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1999 Springer Science+Business Media New York
About this chapter
Cite this chapter
Hale, J., Papa, M., Shenoi, S. (1999). Programmable Security for Object-Oriented Systems. In: Jajodia, S. (eds) Database Security XII. IFIP — The International Federation for Information Processing, vol 14. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35564-1_7
Download citation
DOI: https://doi.org/10.1007/978-0-387-35564-1_7
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-4914-4
Online ISBN: 978-0-387-35564-1
eBook Packages: Springer Book Archive