Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
PLDI
2005
ACM
2005
ACM
Composing security policies with polymer
We introduce a language and system that supports definition and composition of complex run-time security policies for Java applications. Our policies are comprised of two sorts of methods. The first is query methods that are called whenever an untrusted application tries to execute a security-sensitive action. A query method returns a suggestion indicating how the security-sensitive action should be handled. The second sort of methods are those that perform state updates as the policy’s suggestions are followed. The structure of our policies facilitates composition, as policies can query other policies for suggestions. In order to give programmers control over policy composition, we have designed the system so that policies, suggestions, and application events are all firstclass objects that a higher-order policy may manipulate. We show how to use these programming features by developing a library of policy combinators. Our system is fully implemented, and we have defined a form...
Real-time Traffic| Added | 26 Jun 2010 |
| Updated | 26 Jun 2010 |
| Type | Conference |
| Year | 2005 |
| Where | PLDI |
| Authors | Lujo Bauer, Jay Ligatti, David Walker |
Comments (0)
Researcher Info
|
