An operational semantics of Java']Java 2 access control

被引:5
|
作者
Karjoth, G [1 ]
机构
[1] IBM Corp, Zurich Res Lab, Zurich, Switzerland
来源
13TH IEEE COMPUTER SECURITY FOUNDATIONS WORKSHOP, PROCEEDINGS | 2000年
关键词
D O I
10.1109/CSFW.2000.856939
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
Java 2 Security enhanced with Java Authentication and Authorization Service (JAAS) provide sophisticated access control features via a user-configurable authorization policy. Fine-grained access control, code-based as well as user-based authorization, and implicit access rights allow the implementation of real-world policies, but of the cost of increased complexity. In this paper we provide a formal specification of the Java 2 and JAAS access control model that helps remove ambiguities of the informal definitions. It defines Java 2 access control in terms of an abstract machine, whose behavior is determined by a small set of transition rules. we illustrate the power of Java 2 access control by showing how commonly encountered authorization requirements can be implemented in Java 2.
引用
收藏
页码:224 / 232
页数:3
相关论文
共 50 条
  • [31] Access rights analysis for Java']Java
    Koved, L
    Pistoia, M
    Kershenbaum, A
    ACM SIGPLAN NOTICES, 2002, 37 (11) : 359 - 372
  • [32] Java']Java access to numerical libraries
    Casanova, H
    Dongarra, J
    Doolin, DM
    CONCURRENCY-PRACTICE AND EXPERIENCE, 1997, 9 (11): : 1279 - 1291
  • [33] On Access Restriction with Java']Java Wildcards
    Viroli, Mirko
    Rimassa, Giovanni
    JOURNAL OF OBJECT TECHNOLOGY, 2005, 4 (10):
  • [34] Access to industrial process periphery via Java']Java for process control (JFPC)
    Kleines, H
    Wüstner, P
    Settke, K
    Zwoll, K
    IEEE TRANSACTIONS ON NUCLEAR SCIENCE, 2002, 49 (02) : 465 - 468
  • [35] Hardening Java']Java's Access Control by Abolishing Implicit Privilege Elevation
    Holzinger, Philipp
    Hermann, Ben
    Lerch, Johannes
    Bodden, Eric
    Mezini, Mira
    2017 IEEE SYMPOSIUM ON SECURITY AND PRIVACY (SP), 2017, : 1027 - 1040
  • [36] An efficient and flexible access control framework for Java']Java programs in mobile terminals
    Tomimori, H
    Nakamoto, Y
    22ND INTERNATIONAL CONFERENCE ON DISTRIBUTED COMPUTING SYSTEMS WORKSHOP, PROCEEDINGS, 2002, : 777 - 782
  • [37] Mapping the UML2 Semantics of Associations to a Java']Java Code Generation Model
    Gessenharter, Dominik
    MODEL DRIVEN ENGINEERING LANGUAGES AND SYSTEMS, PROCEEDINGS, 2008, 5301 : 813 - 827
  • [38] An event-based structural operational semantics of multi-threaded java
    Cenciarelli, Pietro
    Knapp, Alexander
    Reus, Bernhard
    Wirsing, Martin
    Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 1999, 1523 : 157 - 200
  • [39] As-if-serial exception handling semantics for Java']Java futures
    Zhang, Lingli
    Krintz, Chandra
    SCIENCE OF COMPUTER PROGRAMMING, 2009, 74 (5-6) : 314 - 332
  • [40] Practical Weak-Atomicity Semantics for Java']Java STM
    Menon, Vijay
    Balensiefer, Steven
    Shpeisman, Tatiana
    Adl-Tabatabai, Ali-Reza
    Hudson, Richard L.
    Saha, Bratin
    Welc, Adam
    SPAA'08: PROCEEDINGS OF THE TWENTIETH ANNUAL SYMPOSIUM ON PARALLELISM IN ALGORITHMS AND ARCHITECTURES, 2008, : 314 - +
12345