论文信息 - URBS Enforcement Mechanisms for Object-Oriented Systems

URBS Enforcement Mechanisms for Object-Oriented Systems

Our past efforts have investigated user-role based security (URBS) for discretionary ac- cess control to provide customizable access to the public interface of object types/classes, allowing different individuals specialized access at different times based on their needs and responsibilities within the application. This is supported by the ADAM environment (Active Design and Analyses Modeling) which automatically generates code (C++, Ada83, Ada95) from language-independent object-oriented designs that have been supplied via text and form-based input. ADAM provides a means to define and analyze user-role based security and authorization, but does not provide an automatic transition from these definitions to “code” that realizes the required security. The work presented in this paper details three approaches for enforcement mechanisms for object-oriented systems, and evaluates them in the context of a set of goals. We believe that the approaches and results presented herein are relevant to object-oriented systems.

[1] Steven A. Demurjian,et al. Profiling in an object-oriented design environment that supports Ada 9X and Ada 83 code generation , 1994, TRI-Ada '94.

[2] Harold Ossher,et al. Subject-oriented programming: a critique of pure objects , 1993, OOPSLA '93.

[3] Elisa Bertino,et al. A model of authorization for next-generation database systems , 1991, TODS.

[4] T. C. Ting,et al. The Factors that Influence Apropos Security Approaches for the Object-Oriented Paradigm , 1993, Security for Object-Oriented Systems.

[5] T. C. Ting,et al. Towards an authorization mechanism for user-role based security in an object-oriented design model , 1993, Proceedings of Phoenix Conference on Computers and Communications.

[6] T. C. Ting,et al. User-Role Based Security Profiles for an Object-Oriented Design Model , 1993, DBSec.

[7] T. C. Ting,et al. Requirements, Capabilities, and Functionalities of User-Role Based Security for an Object-Oriented Design Model , 1991, DBSec.

[8] Steven A. Demurjian,et al. Object-oriented design and analyses for advanced application development: progress towards a new frontier , 1993, CSC '93.

[9] Joel E. Richardson,et al. Aspects: extending objects to support multiple, independent roles , 1991, SIGMOD '91.

[10] Luis-Felipe Cabrera,et al. CACL: efficient fine-grained protection for objects , 1992, OOPSLA 1992.

[11] T. C. Ting. A User-Role Based Data Security Approach , 1988, Database Security.