Data-centric multi-user systems, such as web applications, require flexible yet fine-grained data security mechanisms. Such mechanisms are usually enforced by a specially crafted security layer, which adds extra complexity and often leads to error-prone coding, easily causing severe security breaches. In this paper, we introduce a programming language approach for enforcing access control policies to data in data-centric programs by static typing. Our development is based on the general concept of refinement type, but extended so as to address realistic and challenging scenarios of permission-based data security, in which policies dynamically depend on the database state, and flexible combinations of column- and row-level protection of data are necessary. We state and prove soundness and safety of our type system, stating that well-typed programs never break the declared data access control policies. © 2011 Springer-Verlag.
CITATION STYLE
Caires, L., Pérez, J. A., Seco, J. C., Vieira, H. T., & Ferrão, L. (2011). Type-based access control in data-centric systems. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6602 LNCS, pp. 136–155). https://doi.org/10.1007/978-3-642-19718-5_8