Title :
Extending Java for package based access control
Author :
Papa, M. ; Bremer, O. ; Chandia, R. ; Hale, J. ; Shenoi, S.
Author_Institution :
Center for Inf. Security, Tulsa Univ., OK, USA
Abstract :
This paper describes an extension of the Java language that provides programmable security. The approach augments the Java syntax with constructs for specifying various access control policies for Java packages, including DAC, MAC, RBAC and TBAC. A primitive ticket based mechanism serves as the foundation for programmable security. The implementation incorporates a preprocessor for language translation and a security service library that implements the ticket management infrastructure. The preprocessor translates the extended Java source code to native Java for eventual bytecode interpretation simultaneously binding security services to the native code. The design is simple and flexible and provides developers with an effective tool for programming security within Java packages
Keywords :
Java; authorisation; object-oriented programming; program interpreters; software libraries; DAC; Java language; MAC; RBAC; TBAC; bytecode interpretation; language translation preprocessor; package based access control; primitive ticket; programmable security; security service library; source code; syntax; ticket management; Access control; Authorization; Computer science; Data security; Information security; Java; Libraries; Object oriented modeling; Packaging; Protection;
Conference_Titel :
Computer Security Applications, 2000. ACSAC '00. 16th Annual Conference
Conference_Location :
New Orleans, LA
Print_ISBN :
0-7695-0859-6
DOI :
10.1109/ACSAC.2000.898859
