Generics and Exception Handling for Supporting User-Role Based Security in Object-Oriented Systems

User-role based security (URBS) has drawn signi cant attention in recent years for its ability to customize security privileges according to the responsibilities of individual user roles. To provide access to object-oriented applications, the public interface of each class contains methods for all potential users of the class. In order to nely tune this access, URBS can be introduced to promote a strategy that controls access on a role-by-role basis, with di erent roles having access to speci c subsets of each public interface based on their responsibilities within the application. Our previous e orts have been working towards such a capability. This paper continues these e orts by investigating approaches for extensible and reusable URBS enforcement mechanisms for object-oriented systems. Such approaches should insulate software engineers from security concerns while simultaneously embedding the URBS policies into compiled applications that then behave di erently based on an individual's role. We consider generic security classes that stress uniformity and encapsulate security details, while promoting software reuse. We also explore exception handling as an vehicle for achieving dynamic role-based behavior in applications. By combining both generics and exception handling, the bene ts of both can accrue in an approach that attains software reuse and software evolution.