论文信息 - An access control language for object-oriented programming systems

An access control language for object-oriented programming systems

Abstract An extended access control language and implementation mechanism is specified for use in the protection of modules (or objects) in object-oriented programming systems. Described within the context of a “resource module” as the standard programming construct, the language may be readily adapted for use in other object-oriented systems and is designed for ease of use by a normal programmer. The protection, afforded to program modules, captures the advantages of access control lists, provides the power of “least privilege” found in capability based systems, and allows for extended control on individual subjects through the use of access rights expressions.

Masaaki Mizuno | Arthur E. Oldehoeft | A. Oldehoeft | M. Mizuno

[1] Abraham Silberschatz,et al. Access-Right Expressions , 1983, TOPL.

[2] Roy H. Campbell,et al. The specification of process synchronization by path expressions , 1974, Symposium on Operating Systems.

[3] Barbara Liskov,et al. Guardians and Actions: Linguistic Support for Robust, Distributed Programs , 1983, TOPL.

[4] David Jefferson,et al. Protection in the Hydra Operating System , 1975, SOSP.

[5] Deborah Downs,et al. Issues in Discretionary Access Control , 1985, 1985 IEEE Symposium on Security and Privacy.

[6] Partha Dasgupta,et al. Fault Tolerant Computing in Object Based Distributed Operating Systems , 1987, SRDS.

[7] David Robson,et al. Smalltalk-80: The Language and Its Implementation , 1983 .

[8] Jack B. Dennis,et al. Programming semantics for multiprogrammed computations , 1966, CACM.

[9] M. Mizuno,et al. Highly-structured software for network systems and its protection , 1987 .

[10] Elliott I. Organick,et al. The multics system: an examination of its structure , 1972 .

[11] Jerome H. Saltzer,et al. The protection of information in computer systems , 1975, Proc. IEEE.

[12] K. Thompson,et al. The UNIX time-sharing system , 1978 .

[13] Peter J. Denning,et al. Protection: principles and practice , 1972, AFIPS '72 (Spring).

[14] Dorothy E. Denning,et al. Cryptography and Data Security , 1982 .

[15] Calton Pu,et al. Design and Implementation of Nested Transactions in Eden , 1987, SRDS.