Browse by author
Lookup NU author(s): Ian Welch
Full text is not currently available for this publication.
Conventional object-oriented software engineering can be used to use existing security architectures to enforce access control on user-level resources as well as system-resources. Common techniques are to insert enforcement within libraries or applications, use inheritance and proxies. However, these all provide a poor separation of concerns and cannot be used with compiled code. In-lined reference monitors provide a good separation of concerns and meet criteria for good security engineering. They use object code rewriting to control access to both user-level and system-level objects by in-lining reference monitor code into user-level compiled code. However, their focus is upon replacing existing security architectures and current implementations do not address distributed access control policies. Another approach that does provide a good separation of concerns and allows reuse of existing security architectures are metaobject protocols. These allow constrained changes to be made to the semantics of code and therefore can be used to implement access control policies for both local and distributed resources. Loadtime metaobject protocols allow metaobject protocols to be used with compiled code because they rewrite base level classes and insert meta-level interceptions. However, these have not been demonstrated to meet requirements for good security engineering such as complete mediation. Also current implementations do not provide distributed access control. This thesis implements a loadtime metaobject protocol for the Java programming language. The design of the metaobject protocol specifically addresses separation of concerns, least privilege, complete mediation and economy of mechanism. The implementation of the metaobject protocol, called Kava, has been evaluated by implementing diverse security policies in two case studies involving third-part standalone and distributed applications. These case studies are used as the basis of inferences about general suitability of using loadtime reflection for enforcing access control policies upon user-level compiled code.
Author(s): Welch IS
Publication type: Report
Publication status: Published
Series Title:
Year: 2004
Institution: School of Computing Science, University of Newcastle upon Tyne
Place Published: Newcastle upon Tyne
Notes: British Lending Library DSC stock location number: DXN088777
