Access control to objects in common object-oriented languages is statically verified but cannot be changed at run-time. However, dynamic authorization is required by most applications and it would be desirable to check more flexible access control policies also statically, at least partially. In this work, we introduce a model where "views" to object references represent the current access control policy of a principal for a given object, and first class authorizations support dynamic modification of those policies. To demonstrate our concepts, we have developed a core language, equipped with a provably correct type and effect system capable of detecting unauthorized method calls at compile-time, and defined and implemented a typechecking algorithm. © 2010 Springer-Verlag.
CITATION STYLE
Pires, M., & Caires, L. (2010). A type system for access control views in object-oriented languages. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 6186 LNCS, pp. 59–76). https://doi.org/10.1007/978-3-642-16074-5_5
Mendeley helps you to discover research relevant for your work.