UC BERKELEY
EECS technical reports
TECHNICAL REPORTS


CSD-03-1282.pdf
CSD-03-1282.ps
Conditions of Use

Archive Home Page

Types for Lexically-Scoped Access Control

Authors:
Terauchi, Tachio
Foster, Jeffrey S.
Aiken, Alex
Technical Report Identifier: CSD-03-1282
October 15, 2003
CSD-03-1282.pdf
CSD-03-1282.ps

Abstract: We develop a new system for defining and enforcing access control statically. In our system, key-pairs guard access to resources, and the association between key-pairs and resources can be changed at any program point (i.e., the binding is late). Our static system uses an ordering on lexically scoped abstract names to allow local access control policies to be enforced in other parts of a program. In particular, this means that individual program components can locally refine access control policies and the policies will be respected by the entire program. The result is a system that can enforce, at compile time, a wide variety of useful, fine-grain access control patterns.