Reference from ESORICS proceedings

6th European Symposium on Research in Computer Security (ESORICS 2000)

A Typed Access Control Model for CORBA

Gerald Brose

Keywords : access control, roles, types, CORBA

Abstract : Specifying and managing access rights in large distributed systems is a non-trivial task. This paper presents a language-based approach to support policy-based management of access rights. We develop an object-oriented access model and a concrete syntax that is designed to allow both flexible and manageable access control policies for CORBA objects. We introduce a typed construct for access rights called view that allows static type checking of specifications and show how a realistic example policy is expressed in our notation.

(Pages 88-105)

Proceedings table of contents