@inproceedings{3c54df763a624accbfb40dfb8823320b,
title = "Extensible access control with authorization contracts",
abstract = "Existing programming language access control frameworks do not meet the needs of all software components.We propose an expressive framework for implementing access control monitors for components. The basis of the framework is a novel concept: the authority environment. An authority environment associates rights with an execution context. The building blocks of access control monitors in our framework are authorization contracts: software contracts that manage authority environments. We demonstrate the expressiveness of our framework by implementing a diverse set of existing access control mechanisms and writing custom access control monitors for three realistic case studies.",
keywords = "Access control, Authorization logic, Contracts",
author = "Scott Moore and Christos Dimoulas and Findler, {Robert Bruce} and Matthew Flatt and Stephen Chong",
note = "Funding Information: This material is based upon work supported by the National Science Foundation under Grant Numbers CCF-1438271, CNS-1524052, and CCF-1526324. This research is also supported by the Air Force Research Laboratory and a Google Faculty Research Award. Publisher Copyright: {\textcopyright} 2016 ACM.; 2016 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications, OOPSLA 2016 ; Conference date: 31-10-2016 Through 01-11-2016",
year = "2016",
month = oct,
day = "19",
doi = "10.1145/2983990.2984021",
language = "English (US)",
series = "Proceedings of the Conference on Object-Oriented Programming Systems, Languages, and Applications, OOPSLA",
publisher = "Association for Computing Machinery",
pages = "214--233",
editor = "Eelco Visser and Yannis Smaragdakis",
booktitle = "OOPSLA 2016 - Proceedings of the 2016 ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications",
}