Types for Lexically-Scoped Access Control
Computer Science Division Tech Report UCB//CSD-03-1282.
University of California, Berkeley. October 2003.
We develop a new system for defining and enforcing access control statically. In our systems, key-pairs guard access to resources, and the association between key-pairs and resources can be changed at any program point (i.e., the binding is late). Our static system uses an ordering on lexically scoped abstract names to allow local access control policies to be enforced in other parts of a program. In particular, this means that individual program components can locally refine access control policies and the policies will be respected by the entire program. The result is a system that can enforce, at compile time, a wide variety of useful, fine-grain access control patterns.