Extensible Access Control with Authorization Contracts
Scott Moore, Christos
Findler, Robert Bruce
MetadataShow full item record
CitationMoore, Scott, Christos Dimoulas, Robert Bruce Findler, Matthew Flatt, and Stephen Chong. 2016. Extensible Access Control with Authorization Contracts. Harvard Computer Science Group Technical Report TR-03-16.
AbstractExisting programming language access control frameworks do not meet the needs of all software components.We propose an expressive framework for implementing access control monitors for components. The basis of the framework is a novel concept: the authority environment. An authority environment associates rights with an execution context. The building blocks of access control monitors in our framework are authorization contracts: software contracts that manage authority environments. We demonstrate the expressiveness of our framework by implementing a diverse set of existing access control mechanisms and writing custom access control monitors for three realistic case studies.
Citable link to this pagehttp://nrs.harvard.edu/urn-3:HUL.InstRepos:28552973
- FAS Scholarly Articles