ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
Policy-driven reflective enforcement of security policies
Full text PdfPdf (106 KB)
Source Symposium on Applied Computing archive
Proceedings of the 2006 ACM symposium on Applied computing table of contents
Dijon, France
SESSION: Programming for separation of concerns (PSC) table of contents
Pages: 1580 - 1584  
Year of Publication: 2006
ISBN:1-59593-108-2
Authors
Ian Welch  Victoria University of Wellington, NZ
Fan Lu  Victoria University of Wellington, NZ
Sponsor
SIGAPP: ACM Special Interest Group on Applied Computing
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 11,   Downloads (12 Months): 62,   Citation Count: 0
Additional Information:

abstract   references   index terms   collaborative colleagues  

Tools and Actions: Review this Article  
Save this Article to a Binder    Display Formats: BibTex  EndNote ACM Ref   
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/1141277.1141645
What is a DOI?

ABSTRACT

Practical experience has shown that separating security enforcement code from functional code using separation of concerns techniques such as behavioural reflection leads to improvements in code undestandability and maintainability. However, using these techniques at requires providing a consistent and declarative way to specify policies. We have developed a prototype tool that allows the use of Ponder policies that are enforced by the Kava metaobject protocol. This prototype translates high-level policies into configuration files used to enforce the policies upon Java applications.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

 
1
A. Corradi , R. Montanari , E. Lupu , M. Sloman , C. Stefanelli, A flexible access control service for Java mobile code, Proceedings of the 16th Annual Computer Security Applications Conference, p.356, December 11-15, 2000
 
2
Nicodemos Damianou , Naranker Dulay , Emil Lupu , Morris Sloman, The Ponder Policy Specification Language, Proceedings of the International Workshop on Policies for Distributed Systems and Networks, p.18-38, January 29-31, 2001
 
3
D. Evans and A. Twyman. Flexible policy-directed code safety. In IEEE Symposium on Research in Security and Privacy, pages 32--45, Oakland, CA, May 1999. IEEE Computer Society, Technical Committee on Security and Privacy, IEEE Computer Society Press.
 
4
L. Gong, M. Mueller, H. Prafullchandra, and S. R. Going beyond the sandbox: An overview of the new security architecture in the Java Development Kit 1.2. In USENIX Symposium on Internet Technologies and Systems, pages 103--112, Monterey, California, December 1997. USENIX, Berkeley, CA.
 
5
James Gosling , Bill Joy , Guy L. Steele, The Java Language Specification, Addison-Wesley Longman Publishing Co., Inc., Boston, MA, 1996
 
6
Gregor Kiczales , Erik Hilsdale , Jim Hugunin , Mik Kersten , Jeffrey Palm , William G. Griswold, An Overview of AspectJ, Proceedings of the 15th European Conference on Object-Oriented Programming, p.327-353, June 18-22, 2001
 
7
H. T., K. S., Y. W., and C. Robbins. The string representation of standard attribute syntaxes. Internet Engineering Task Force. Available from: http://www.ietf.org/rfc/rfc1778.txt.Mar 1995. {Accessed February 2003}.
 
8
J. von Nieda. Lirc -- an IRC client for Java. http://www.vonnieda.org/Lirc, 2001. Last accessed 17/6/02.
 
9
I. Welch and R. Stroud. Re-engineering security as a crosscutting concern -- experience with a third party application. The Computer Journal, 46(5):578--589, September 2003.
 
10
I. Welch and R. J. Stroud. Kava -- using byte-code rewriting to add behavioral reflection to Java. In Proceedings of COOTS 2001, USENIX Conference on Object-Oriented Technologies and Systems, pages 119--130, San Antonio, Texas, 29 January - 2 February 2001. USENIX, Berkeley, CA.
 
11
Ian Welch , Robert J. Stroud, Using reflection as a mechanism for enforcing security policies on compiled code, Journal of Computer Security, v.10 n.4, p.399-432, December 2002

INDEX TERMS

Primary Classification:
  D. Software
  D.2 SOFTWARE ENGINEERING
      D.2.8 Metrics


Keywords:
reflection, security policies

Collaborative Colleagues:
Ian Welch: colleagues
Fan Lu: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2008 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player