6th European Symposium on Research in Computer Security (ESORICS 2000)
A Typed Access Control Model for CORBA
Gerald Brose
Keywords : access control, roles, types, CORBA
Abstract : Specifying and managing access rights in large distributed systems is a non-trivial task. This paper presents a language-based approach to support policy-based management of access rights. We develop an object-oriented access model and a concrete syntax that is designed to allow both flexible and manageable access control policies for CORBA objects. We introduce a typed construct for access rights called view that allows static type checking of specifications and show how a realistic example policy is expressed in our notation.
(Pages 88-105)