Abstract
Specifying and managing access control policies for large distributed systems is a non-trivial task. Commonly, access control policies are specified in natural language and later reformulated in terms of a particular access control model. This paper presents and discusses concepts for an object-oriented access model that is more suitable for describing access control policies for CORBA objects than the default access model specified in the OMG security service specification.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Blakley, B., http://www.bhs.org/IT/Projects/cpr/security/CORBASEC-FAQ/, Section 4.3.2, April 1998.
Blaze, M., Feigenbaum, J., Strauss, M.: Distributed Trust Management. Proc. IEEE Symposium on Security and Privacy (1997) 143–154
Brose, G.: JacORB — design and implementation of a Java ORB. Proc. Distributed Applications and Interoperable Systems DAIS’97, Chapman & Hall (1997) 143–154 http://www.inf.fu-berlin.de/~brose/jacorb/
Brüggemann, H. H.: Spezifikation von objektorientierien Rechten. DUD-Fachbeiträge. Vieweg (1997)
Ellison, C, Frantz, B., Lampson, B., Rivest, R., Thomas, B., Ylönen, T.: SPKI Certificate Theory. Internet Draft, draft-ietf-spki-cert-theory-02.txt (1998)
Gong, L.: A secure identity-based capability system. Proc. IEEE Symposium on Security and Privacy (1989) 156–83
Gong, L., Qian, X.: Computational issues in secure interoperation. IEEE Transactions on Software Engineering, Vol. 22(1), January 1996, 43–52
Hagimont, D., Huet, O., Mossière, J.: A protection scheme for a CORBA environment. Proc. ECOOP’ 97 Workshop, CORBA: Implementation, Use and Evaluation (1997)
ISO/ IEC: Information Technology — Open Systems Interconnection — Security Frameworks for Open Systems: Access Control Framework. ISO (1996)
Jaeger, T., Rubin, A., Prakash, A.: Building systems that flexibly control down loaded executable content. Proc. 6th USENIX Security Symposium (1996) 131–148
Jones, A., Liskov, B.: A language extension for expressing constraints on data access. Communications of the ACM, Vol. 21(5), May 1978, 358–367
Karjoth, G.: Authorization in CORBA Security. Proc. ESORICS’98, LNCS 1485, Springer (1998) 143–158
Kowalski, O., Härtig, H.: Protection in the BirliX operating system. Proc. 10th Int. Conf. on Distributed Computing Systems (1990) 160–166
Lampson, B.: Protection. ACM Operating Systems Review, Vol. 8(1), January 1974, 18–24
OMG: CORBAservices: Common Object Services Specification. OMG document formal/97-12-02, Object Management Group (1997)
OMG: The Common Object Request Broker: Architecture and Specification, revision 2.2. Object Management Group (1998)
OMG: Security Service Revision 1.2. Object Management Group (1998)
Rabitti, F., Bertino, E., Kim, W., Woelk, D.: A model of authorization for next-generation database systems. ACM Transactions on Database Systems, Vol. 16(1), March 1991, 88–131
Richardson, J., Schwarz, P., Cabrera, L.-F.: CACL: Efficient fine-grained protection for objects, Proc. OOPSLA 1992, 263–275
Scholl, M., Laasch, C, Tresch, M.: Updatable views in object-oriented databases. Proc. 2. Int. Conf. on Deductive and Object-Oriented Databases, LNCS 566, Springer (1991) 189–207
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 1999 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Brose, G. (1999). A View-Based Access Control Model for CORBA. In: Vitek, J., Jensen, C.D. (eds) Secure Internet Programming. Lecture Notes in Computer Science, vol 1603. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-48749-2_10
Download citation
DOI: https://doi.org/10.1007/3-540-48749-2_10
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-66130-6
Online ISBN: 978-3-540-48749-4
eBook Packages: Springer Book Archive