Bracket Capabilities for Distributed Systems Security
نویسنده
چکیده
The per-method access control lists of standard middleware technologies allow only simple forms of access control to be expressed and enforced. Research systems based on capabilities provide a more secure mechanism but also fail to support more flexible security constraints such as parameter restrictions, logging and state-dependent access. They also fail to enforce a strict need-to-know view of a persistent object for each user. In this paper we present the concept of bracket capabilities as a new, simple security mechanism which fulfils these requirements. We discuss the reasons for integrating bracketing and view types at a fundamental level of the security mechanism. We demonstrate the use of the mechanism in a simple Ecommerce environment to provide secure electronic cheques and describe a prototype implementation of the mechanism in middleware for secure, distributed Java applications.
منابع مشابه
Opsis: A Distributed Object Architecture Based on Bracket Capabilities
The object-oriented access control in contemporary middleware is inadequate in view of the sensitivity of data stored on the internet and the growing threat from hackers and malicious software. In this paper we present the Opsis system, an architecture for distributed Java applications based on the strict use of ‘bracket capabilities’. We describe the concept of ‘capability servers’ for support...
متن کاملDistributed Generation Effects on Unbalanced Distribution Network Losses Considering Cost and Security Indices
Due to the increasing interest on renewable sources in recent years, the studies on integration of distributed generation to the power grid have rapidly increased. In order to minimize line losses of power systems, it is crucially important to define the size and location of local generation to be placed. Minimizing the losses in the system would bring two types of saving, in real life, one is ...
متن کاملDistributed Generation Effects on Unbalanced Distribution Network Losses Considering Cost and Security Indices
Due to the increasing interest on renewable sources in recent years, the studies on integration of distributed generation to the power grid have rapidly increased. In order to minimize line losses of power systems, it is crucially important to define the size and location of local generation to be placed. Minimizing the losses in the system would bring two types of saving, in real life, one is ...
متن کاملEvaluation of Outpatient Electronic Prescription System Capabilities from the Perspective of Physicians in Specialized Polyclinics of Urmia Social Security Organization
Background and Aim: Electronic prescription systems can improve patient safety and the quality of health care services. These systems must provide the capabilities required to reduce medical errors and enhance the performance of health care providers. The purpose of this study is to evaluate the capabilities of the e-prescription system from the perspective of physicians in the polyclinics of t...
متن کاملA Survey of Concurrency Control Algorithms in the Operating Systems
Concurrency control is one of the important problems in operation systems. Various studies have been reported to present different algorithms to address this problem, although a few attempts have been made to represent an overall view of the characteristics of these algorithms and comparison of their capabilities to each other. This paper presents a survey of the current methods for controlling...
متن کامل