Simple & powerful access control in programming languages

Motivation

This topic addresses a serious worry among programmers and language designers alike: how to make languages that are simple, yet offer powerful features.

-

there are many well-documented access control policies known

-

but current access control policies are fixed and limited within each language

-

more dynamic access control (for safety and/or security) would be highly relevant.

-

Co-op can be used to concisely express and apply a library of access control policies

-

if successful, this work can be straightforward to result in a publication

Description

Popular programming languages, such as C++, Java and C#, tend to grow continuously, adding more and more features and language constructs all the time. This is not always only an improvement: the languages become more complicated to learn, understand, and build compilers for. The interaction among many of those features is the topic of long research and discussions, and often not ideal or natural.

Access control is the ability for programmers to define rules how the elements in a program (class) can be used, and from which contexts. The most common example is the public/protected/private specification for methods and fields. But more powerful versions include the ability to distinguish between class and instance level protection, ability to grant access to specific other modules ('friends'), or the ability to let access depend on dynamic circumstances.

Co-op ('Composition-operators') provides a platform that allows for defining custom compositions as reusable abstractions [1]. It has been shown to be able to express widely different object-oriented composition techniques, including several inheritance variants, aspects, and design patterns. The key feature is that such techniques do not require modifying the language implementation, but can be expressed in the same language, and offered as libraries. Recently, Co-op has been extended so that it can also express various data abstraction techniques.

List of Tasks

·

survey of access policies and resulting overview

·

find examples where built-in language constructs for access control are insufficient.

·

implement a library of access control policies in Co-op

·

show that these can overcome limitations as found before.

·

investigate how well access policies can be combined

References

[1] co-op.sf.net (esp. Co-op documentation page)

Supervisor

Steven te Brinke