Extending Java for Package based Access Control
نویسندگان
چکیده
This paper describes an extension of the Java language that provides “programmable security.” The approach augments the Java syntax with constructs for specifying various access control policies for Java packages, including DAC, MAC, RBAC and TBAC. A primitive ticket based mechanism serves as the foundation for programmable security. The implementation incorporates a preprocessor for language translation and a security service library that implements the ticket management infrastructure. The preprocessor translates the extended Java source code to native Java for eventual bytecode interpretation, simultaneously binding security services to the native code. The design is simple and flexible, and provides developers with an effective tool for “programming” security within Java packages.
منابع مشابه
Extending a Java Based Framework for Scientific Software-Components
A prototypical framework, which was used for building software components for symbolic computation, is extended as follows. First, we demonstrate that the server components can be accessed from other frameworks for collaborative scientific computing, too. Specifically, we incorporate access from the PROGRESS system. Second, we discuss several design issues that arise when encapsulating existing...
متن کاملA combination of semantic and attribute-based access control model for virtual organizations
A Virtual Organization (VO) consists of some real organizations with common interests, which aims to provide inter organizational associations to reach some common goals by sharing their resources with each other. Providing security mechanisms, and especially a suitable access control mechanism, which enforces the defined security policy is a necessary requirement in VOs. Since VO is a complex ...
متن کاملExtending WordNet using Generalized Automated Relationship Induction
This paper describes a Java package for automatically extending WordNet and other semantic lexicons. Extending these semantic lexicons by traditional means of hand labeling word relationships is a very expensive and laborious process. We used machine learning techniques to automatically extract relationships between words from a given text corpus. The package is made to be very flexible, allowi...
متن کاملEnforcement of applet boundaries in Java card systems
In multi-application Java Cards, applet’s sensitive data must be protected against unauthorized accesses. Applet isolation is normally achieved through the firewall mechanism. The firewall allows an applet to access external objects only through an object sharing mechanism, called shareable interface. Firewall is based on the access control policy and does not control information propagation. T...
متن کاملA Case For Sealing Classes In Java
It is a well-known fact that inheritance as defined in most existing object-oriented languages breaks encapsulation in a very subtle way. For instance, Java provides facilities for encapsulation both at the class-level and at the packagelevel. But it also introduces language constructs (such as public/ protected modifier and inheritance) that lets clients to access the internals of a class in a...
متن کامل