Design and implementation of a flexible RBAC-service in an object-oriented scripting language

In this paper we present the design and implementation of the xorbac component, which provides a flexible RBAC service. The xorbac implementation conforms to level 4a of the unified NIST model for RBAC and can be reused for arbitrary applications on Unix or Windows with a C or Tcl linkage. xorbac runtime elements can be serialized and recreated from RDF data models conforming to a well-defined RDF schema. Furthermore, we present our experiences with deploying xorbac within the HTTP environment for a web-based mobile code system.
