ACM Portal
  Subscribe (Full Service)    Register (Limited Service, Free)    Login
  Search:   The ACM Digital Library   The Guide
  
ACM Home Page
Please provide us with feedback. Feedback
A language extension for expressing constraints on data access
Full text PdfPdf (1.06 MB)
Source
Communications of the ACM archive
Volume 21 ,  Issue 5  (May 1978) table of contents
Pages: 358 - 367  
Year of Publication: 1978
ISSN:0001-0782
Authors
Anita K. Jones  Carnegie-Mellon Univ., Pittsburgh, PA
Barbara H. Liskov  Massachusetts Institute of Technology, Cambridge, MA
Publisher
ACM  New York, NY, USA
Bibliometrics
Downloads (6 Weeks): 4,   Downloads (12 Months): 21,   Citation Count: 18
Additional Information:

abstract   references   cited by   index terms   collaborative colleagues  

Tools and Actions: Request Permissions Request Permissions    Review this Article  
DOI Bookmark: Use this link to bookmark this Article: http://doi.acm.org/10.1145/359488.359493
What is a DOI?

ABSTRACT

Controlled sharing of information is needed and desirable for many applications and is supported in operating systems by access control mechanisms. This paper shows how to extend programming languages to provide controlled sharing. The extension permits expression of access constraints on shared data. Access constraints can apply both to simple objects, and to objects that are components of larger objects, such as bank account records in a bank's data base. The constraints are stated declaratively, and can be enforced by static checking similar to type checking. The approach can be used to extend any strongly-typed language, but is particularly suitable for extending languages that support the notion of abstract data types.


REFERENCES

Note: OCR errors may be found in this Reference List extracted from the full text article. ACM has opted to expose the complete List rather than only correct and linked references.

1
Allen L. Ambler , Donald I. Good , James C. Browne , Wilhelm F. Burger , Richard M. Cohen , Charles G. Hoch , Robert E. Wells, Gypsy: A language for specification and implementation of verifiable programs, Proceedings of an ACM conference on Language design for reliable software, p.1-10, March 28-30, 1977, Raleigh, North Carolina
 
2
Dahl, O.J., and Hoare, C.A.R. Hierarchical Program Structures. Structured Programming (Dahl, Dijkstra, and Hoare, Eds.), Academic Press 1972.
3
Jack B. Dennis , Earl C. Van Horn, Programming semantics for multiprogrammed computations, Communications of the ACM, v.9 n.3, p.143-155, March 1966  [doi>10.1145/365230.365252]
4
R. S. Fabry, Capability-based addressing, Communications of the ACM, v.17 n.7, p.403-412, July 1974  [doi>10.1145/361011.361070]
 
5
Anita Katherine Jones, Protection in programmed systems., 1973
 
6
Jones, A.K., and Wulf, W.A. Toward the Design of a Secure System. Software Practice and Experience 5 (1975), 321-336.
 
7
Jones, A.K., and Liskov, B.H. A Language Extension for Controlling Access to Shared Data. 1EEE Trans. on Software Engineering SE-2, 4 (December 1976), 277-285.
 
8
Lampson, B.W. Protection. Proc. of the Fifth Annual Princeton Conference on Information Sciences and Systems, Princeton University, 197 l, 437-443.
9
Butler W. Lampson , Howard E. Sturgis, Reflections on an operating system design, Communications of the ACM, v.19 n.5, p.251-265, May 1976  [doi>10.1145/360051.360074]
10
Barbara Liskov , Alan Snyder , Russell Atkinson , Craig Schaffert, Abstraction mechanisms in CLU, Communications of the ACM, v.20 n.8, p.564-576, Aug. 1977  [doi>10.1145/359763.359789]
 
11
Neumann, P.G., Fabry, R.S., Levitt, K.N., Robinson, L., and Wensley, J.H. On the Design of a Provably Secure Operating System. International Workshop on Protection in Operating Systems, IRIA, Paris, August 1974, 161-175.
12
Gerald J. Popek , David A. Farber, A model for verification of data security in operating systems, Communications of the ACM, v.21 n.9, p.737-749, Sept. 1978  [doi>10.1145/359588.359597]
 
13
Saltzer, J., and Schroeder, M. Protection of Information in Computer Systems. Proc. of the IEEE 63, 9 (September 1975), 1278-1308.
14
Andrew S. Tanenbaum, A Tutorial on Algol 68, ACM Computing Surveys (CSUR), v.8 n.2, p.155-190, June 1976  [doi>10.1145/356669.356671]
 
15
Wirth, N. The Programming Language PASCAL. Acta lnformatica 1, 1971,335-363.
16
W. Wulf , E. Cohen , W. Corwin , A. Jones , R. Levin , C. Pierson , F. Pollack, HYDRA: the kernel of a multiprocessor operating system, Communications of the ACM, v.17 n.6, p.337-345, June 1974  [doi>10.1145/355616.364017]
 
17
Wulf, W.A., London, R.L., and Shaw, M. An introduction to the construction and verification of Alphard programs. IEEE Trans. Software Eng. SE-2, 4 (Dec. 1976), 253-265.

CITED BY  18
Mark Day , Robert Gruber , Barbara Liskov , Andrew C. Myers, Subtypes vs. where clauses: constraining parametric polymorphism, ACM SIGPLAN Notices, v.30 n.10, p.156-168, Oct. 17, 1995
Donald I. Good , Richard M. Cohen , Lawrence W. Hunter, A Report On The Development Of Gypsy, Proceedings of the 1978 annual conference, p.116-122, December 04-06, 1978, Washington, D.C., United States
Lawrence A. Rowe, Data abstraction from a programming language viewpoint, ACM SIGMOD Record, v.11 n.2, p.29-35, Feb 1981
Stephen L. Stepoway , Abraham Silberschatz, An extension to the language-based access-control mechanism of Jones and Liskov, ACM SIGPLAN Notices, v.16 n.5, p.54-58, May 1981
Donald I. Good , Richard M. Cohen , James Keeton-Williams, Principles of proving concurrent programs in Gypsy, Proceedings of the 6th ACM SIGACT-SIGPLAN symposium on Principles of programming languages, p.42-52, January 29-31, 1979, San Antonio, Texas
Andrew C. Myers , Barbara Liskov, A decentralized model for information flow control, ACM SIGOPS Operating Systems Review, v.31 n.5, p.129-142, Dec. 1997
Gerald Brose, Manageable access control for CORBA, Journal of Computer Security, v.10 n.4, p.301-337, December 2002
Mark Evered, Bracket capabilities for distributed systems security, Australian Computer Science Communications, v.24 n.1, p.51-58, January-February 2002
Mark Evered , Serge Bögeholz, A case study in access control requirements for a Health Information System, Proceedings of the second workshop on Australasian information security, Data Mining and Web Intelligence, and Software Internationalisation, p.53-61, January 01, 2004, Dunedin, New Zealand
Warren H. Jessop, Ada packages and distributed systems, ACM SIGPLAN Notices, v.17 n.2, p.28-36, February 1982
Mark Evered, Flexible enterprise access control with object-oriented view specification, Proceedings of the Australasian information security workshop conference on ACSW frontiers 2003, p.17-24, February 01, 2003, Adelaide, Australia
Mark Evered, Opsis: a distributed object architecture based on bracket capabilities, Proceedings of the Fortieth International Conference on Tools Pacific: Objects for internet, mobile and embedded applications, February 01, 2002, Sydney, Australia
Andrew C. Myers, JFlow: practical mostly-static information flow control, Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages, p.228-241, January 20-22, 1999, San Antonio, Texas, United States
Billy G. Claybrook , James Craig Cleaveland , Donald Criscione, Logical Structure Specification and data type definition, Proceedings of the 1979 annual conference, p.203-211, January 1979
Cédric Fournet , Andrew D. Gordon , Sergio Maffeis, A type discipline for authorization policies, ACM Transactions on Programming Languages and Systems (TOPLAS), v.29 n.5, p.25-es, August 2007
Malcolm P. Atkinson, Programming languages and databases, Proceedings of the fourth international conference on Very Large Data Bases, p.408-419, September 13-15, 1978, West Berlin, Germany
Devdatta Kulkarni , Anand Tripathi, Context-aware role-based access control in pervasive computing systems, Proceedings of the 13th ACM symposium on Access control models and technologies, June 11-13, 2008, Estes Park, CO, USA
Xin Qi , Andrew C. Myers, Masked types for sound object initialization, Proceedings of the 36th annual ACM SIGPLAN-SIGACT symposium on Principles of programming languages, January 21-23, 2009, Savannah, GA, USA

INDEX TERMS

Primary Classification:
  D. Software
  D.4 OPERATING SYSTEMS
      D.4.6 Security and Protection
          Subjects: Access controls

Additional Classification:
  D. Software
  D.3 PROGRAMMING LANGUAGES
      D.3.3 Language Constructs and Features
          Subjects: Abstract data types

  F. Theory of Computation
  F.4 MATHEMATICAL LOGIC AND FORMAL LANGUAGES


General Terms:
Design, Languages, Performance, Security, Theory


Keywords:
abstract data types, access control, capabilities, data types, programming languages, type checking

Collaborative Colleagues:
Anita K. Jones: colleagues
Barbara H. Liskov: colleagues

The ACM Portal is published by the Association for Computing Machinery. Copyright © 2009 ACM, Inc.
Terms of Usage   Privacy Policy   Code of Ethics   Contact Us

Useful downloads: Adobe Acrobat    QuickTime    Windows Media Player    Real Player