research-article
Public Access

Extensible access control with authorization contracts

Published: 19 October 2016

Abstract

Existing programming language access control frameworks do not meet the needs of all software components. We propose an expressive framework for implementing access control monitors for components. The basis of the framework is a novel concept: the authority environment. An authority environment associates rights with an execution context. The building blocks of access control monitors in our framework are authorization contracts: software contracts that manage authority environments. We demonstrate the expressiveness of our framework by implementing a diverse set of existing access control mechanisms and writing custom access control monitors for three realistic case studies.
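The abstract's two ideas can be made concrete in a few dozen lines. The following is an added example written for this page, not the paper's Racket implementation: it models an authority environment as a set of rights bound to the current execution context, and authorization contracts as wrappers on function boundaries that check, attenuate or amplify that environment for the dynamic extent of a call. The names (`requires`, `attenuate`, `grant`, `run_as`), the right strings and the plugin scenario are this example's own assumptions.

```python
"""Authority environments and authorization contracts, modelled in Python.

Added example, not the paper's Racket framework. The authority environment
is a set of rights held by the running context (a contextvars.ContextVar).
Each contract below wraps a function boundary and manages that environment:
`requires` checks rights before a privileged body runs, `attenuate` drops
rights on a call into a less-trusted component, and `grant` lets trusted
code amplify rights, as a stack-inspection privileged block does.
"""
from __future__ import annotations

import contextvars
import functools
from typing import FrozenSet, Iterable

# The authority environment of the current execution context.
_authority: contextvars.ContextVar[FrozenSet[str]] = contextvars.ContextVar(
    "authority", default=frozenset())


class AuthorizationError(PermissionError):
    """Raised by a `requires` contract when a right is missing."""


def current_rights() -> FrozenSet[str]:
    return _authority.get()


def _with_rights(rights: Iterable[str], fn, *args, **kwargs):
    """Run fn under a new environment; restore the old one afterwards."""
    token = _authority.set(frozenset(rights))
    try:
        return fn(*args, **kwargs)
    finally:
        _authority.reset(token)


def requires(*needed: str):
    """Contract on a privileged operation: the caller's environment must
    hold every right in `needed`, otherwise the call is rejected."""
    def deco(fn):
        @functools.wraps(fn)
        def wrapper(*args, **kwargs):
            missing = set(needed) - current_rights()
            if missing:
                raise AuthorizationError(
                    f"{fn.__name__} needs {sorted(missing)}, "
                    f"environment holds {sorted(current_rights())}")
            return fn(*args, **kwargs)
        return wrapper
    return deco


def attenuate(*allowed: str):
    """Contract on a call into a less-trusted component: its body runs with
    the caller's rights intersected with `allowed`. Rights not passed in
    cannot be regained inside, even by calling back into trusted code."""
    def deco(fn):
        @functools.wraps(fn)
        def wrapper(*args, **kwargs):
            return _with_rights(current_rights() & set(allowed),
                                fn, *args, **kwargs)
        return wrapper
    return deco


def grant(*added: str):
    """Contract on trusted code that deliberately amplifies authority: its
    body runs with the caller's rights plus `added`. Every caller inherits
    the grant, so wrap only code that fully validates its arguments."""
    def deco(fn):
        @functools.wraps(fn)
        def wrapper(*args, **kwargs):
            return _with_rights(current_rights() | set(added),
                                fn, *args, **kwargs)
        return wrapper
    return deco


# A small system built from the contracts (constructed for this example).

@requires("fs:write")
def write_file(path: str, data: str) -> str:
    return f"wrote {len(data)} bytes to {path}"


@requires("net:send")
def send(host: str, data: str) -> str:
    return f"sent {len(data)} bytes to {host}"


@grant("fs:write")
def audit_log(entry: str) -> str:
    # Trusted facility with a fixed path, so amplifying fs:write is safe.
    return write_file("/var/log/audit.log", entry)


@attenuate("net:send")
def plugin(payload: str) -> str:
    # Untrusted component: may send and may use the audit facility, but a
    # direct file write fails even when the host itself holds fs:write.
    audit_log(f"plugin ran with {payload!r}")
    try:
        write_file("/etc/passwd", payload)
        return "plugin escaped its sandbox"
    except AuthorizationError:
        return send("example.invalid", payload)


def run_as(rights: Iterable[str], fn, *args):
    """Enter a fresh authority environment holding `rights` and call fn."""
    return _with_rights(rights, fn, *args)


def is_denied(rights: Iterable[str], fn, *args) -> bool:
    """True if calling fn under `rights` is rejected by a contract."""
    try:
        run_as(rights, fn, *args)
    except AuthorizationError:
        return True
    return False
```

Running `plugin` under a host that holds both rights shows the three contracts interacting: the attenuated plugin cannot write `/etc/passwd` directly, it can still reach the audit log through the trusted `grant` boundary, and it falls back to the one right it was given. Under a host that holds only `fs:write`, the same plugin is denied outright, because attenuation can only remove rights and `audit_log` amplifies them only for its own body.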



Published in

ACM SIGPLAN Notices, Volume 51, Issue 10 (OOPSLA '16), October 2016, 915 pages. ISSN: 0362-1340, EISSN: 1558-1160. DOI: 10.1145/3022671

OOPSLA 2016: Proceedings of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications, October 2016, 915 pages. ISBN: 9781450344449. DOI: 10.1145/2983990

Copyright © 2016 ACM

Publisher: Association for Computing Machinery, New York, NY, United States
