Types for Lexically-Scoped Access Control
Abstract: We develop a new system for defining and enforcing access control statically. In our system, key-pairs guard access to resources, and the association between key-pairs and resources can be changed at any program point (i.e., the binding is late). Our static system uses an ordering on lexically scoped abstract names to allow local access control policies to be enforced in other parts of a program. In particular, this means that individual program components can locally refine access control policies and the policies will be respected by the entire program. The result is a system that can enforce, at compile time, a wide variety of useful, fine-grain access control patterns.