Computer Science Technical Reports
CS at VT

Language Extensions for Specifying Access Control Policies in Programming Languages

Claybrook, Billy G. and Hartson, H. Rex (1980) Language Extensions for Specifying Access Control Policies in Programming Languages. Technical Report CS80011-R, Computer Science, Virginia Tech.

Full text available as:
PDF - Requires Adobe Acrobat Reader or other PDF viewer.
CS80011-R.pdf (1950016)


The scope rules in programming languages control the sharing of data among program units-e.g., blocks and procedures. Typically, scope rules provide an all-or-nothing kind of access control. A wide range of programming problems exist which require finer access control as well as considerable sophistication for the implementation of access control policies on high-level data objects such as files. This paper presents a number of language extensions that permit the programmer to specify the degree of access control for each abstract object that a program unit can manipulate. An attempt has been made to keep the number of extensions as small as possible and yet allow the user conveniently to specify the access control policies that he desires. Some of the extensions permit access policies to be specified such that access correctness can be completely determined at compile time; other extensions permit policies to be specified that require some access checking to be done at runtime in order to ensure access correctness. The extensions have been developed such that subsets can be selected and implemented in programming languages to provide various access control policies.

Item Type:Departmental Technical Report
Subjects:Computer Science > Historical Collection(Till Dec 2001)
ID Code:853
Deposited By:Administrator, Eprints
Deposited On:06 May 2006