Types for Lexically-Scoped Access Control

Tachio Terauchi, Alex Aiken and Jeffrey S. Foster

EECS Department
University of California, Berkeley
Technical Report No. UCB/CSD-03-1282
October 2003

http://www2.eecs.berkeley.edu/Pubs/TechRpts/2003/CSD-03-1282.pdf

We develop a new system for defining and enforcing access control statically. In our system, key-pairs guard access to resources, and the association between key-pairs and resources can be changed at any program point (i.e., the binding is late). Our static system uses an ordering on lexically scoped abstract names to allow local access control policies to be enforced in other parts of a program. In particular, this means that individual program components can locally refine access control policies and the policies will be respected by the entire program. The result is a system that can enforce, at compile time, a wide variety of useful, fine-grain access control patterns.


BibTeX citation:

@techreport{Terauchi:CSD-03-1282,
    Author = {Terauchi, Tachio and Aiken, Alex and Foster, Jeffrey S.},
    Title = {Types for Lexically-Scoped Access Control},
    Institution = {EECS Department, University of California, Berkeley},
    Year = {2003},
    Month = {Oct},
    URL = {http://www2.eecs.berkeley.edu/Pubs/TechRpts/2003/5777.html},
    Number = {UCB/CSD-03-1282},
    Abstract = {We develop a new system for defining and enforcing access control statically. In our system, key-pairs guard access to resources, and the association between key-pairs and resources can be changed at any program point (i.e., the binding is late). Our static system uses an ordering on lexically scoped abstract names to allow local access control policies to be enforced in other parts of a program. In particular, this means that individual program components can locally refine access control policies and the policies will be respected by the entire program. The result is a system that can enforce, at compile time, a wide variety of useful, fine-grain access control patterns.}
}

EndNote citation:

%0 Report
%A Terauchi, Tachio
%A Aiken, Alex
%A Foster, Jeffrey S.
%T Types for Lexically-Scoped Access Control
%I EECS Department, University of California, Berkeley
%D 2003
%@ UCB/CSD-03-1282
%U http://www2.eecs.berkeley.edu/Pubs/TechRpts/2003/5777.html
%F Terauchi:CSD-03-1282