Quick links

A Language and System for Composing Security Policies

Report ID:
March 2004
Download Formats:


We introduce a new language and system that allows security architects
to develop well-structured and easy-to-maintain security policies for
Java applications. In our system, policies are first-class objects.
Consequently, programmers can define parameterized meta-policies that
act as policy combinators and policy modifiers, so that complex security
policies can be implemented by composing simple base policies. We
demonstrate the effectiveness of our design by building up a library of
powerful policy combinators and showing how they can be used. We also
describe some issues we encountered while implementing our system and
provide performance results.acro

Follow us: Facebook Twitter Linkedin