Ecole d'ingénieur et centre de recherche en télécommunications

A distributed access control model for Java

Molva, Refik;Roudier, Yves

ESORICS 2000, European Symposium On Research In Computer Security, 4-6 Octobre 2000, Toulouse, France / Also published as LNCS, Volume 1895/2000

Despite its fully distributed and multi-party execution model, Java only supports centralized and single party access control. We suggest a new access control model for mobile code that copes with the shortcomings of the current access control model of Java. This new model is based on two key enhancements: the association of access control information with each mobile code segment in the form of attributes and the introduction of intermediate elements in the access control schema. The combination of the current ACL-based approach with the capability scheme achieved through mobile code attributes allows the new access control model to address dynamic multi-party scenarios while keeping the burden of security policy configuration at a minimum. We finally sketch the design of an access control system based on the proposed model using Simple Public Key Infrastructure (SPKI) certificates.

Document Doi Bibtex

Mots Clés:Java;access control model;distribution;SPKI;capabilities
Type:Conférence
Langue:English
Ville:Toulouse
Pays:FRANCE
Date:
Département:Réseaux et Sécurité
Eurecom ref:612
Copyright: © Springer. Personal use of this material is permitted. The definitive version of this paper was published in ESORICS 2000, European Symposium On Research In Computer Security, 4-6 Octobre 2000, Toulouse, France / Also published as LNCS, Volume 1895/2000 and is available at : http://dx.doi.org/10.1007/10722599
Bibtex: @inproceedings{EURECOM+612, doi = {http://dx.doi.org/10.1007/10722599}, year = {2000}, title = {{A} distributed access control model for {J}ava}, author = {{M}olva, {R}efik and {R}oudier, {Y}ves}, booktitle = {{ESORICS} 2000, {E}uropean {S}ymposium {O}n {R}esearch {I}n {C}omputer {S}ecurity, 4-6 {O}ctobre 2000, {T}oulouse, {F}rance / {A}lso published as {LNCS}, {V}olume 1895/2000}, address = {{T}oulouse, {FRANCE}}, month = {10}, url = {http://www.eurecom.fr/publication/612} }
Voir aussi: