Name
Abstract | ||
|---|---|---|
Bidirectional programming allows developers to write programs that will produce transformations that extract data from a source document into a view. The same transformations can then be used to update the source in order to propagate the changes made to the view, provided that the transformations satisfy two essential properties. Bidirectional transformations can provide a form of authorisation mechanism. From a source containing sensitive data, a view can be extracted that only contains the information to be shared with a subject. The subject can modify the view, and the source can be updated accordingly, without risk of release of the sensitive information to the subject. However, the authorisation model afforded by bidirectional transformations is limited. Implementing an attribute-based access control (ABAC) mechanism directly in bidirectional transformations would violate the essential properties of well-behaved transformations; it would contradict the principle of separation of concerns; and it would require users to write and maintain a different transformation for every subject they would like to share a view with. In this paper, we explore a solution to enforce ABAC on bidirectional transformations, using a policy language from which filters are generated to enforce the policy rules. |
Year | DOI | Venue |
|---|---|---|
2015 | 10.1145/2752952.2752963 | ACM Symposium on Access Control Modelsand Technologies |
Field | DocType | Citations |
Computer science,Authorization,Separation of concerns,Access control,Information sensitivity,Bidirectional programming,Distributed computing | Conference | 2 |
PageRank | References | Authors |
0.38 | 22 | 2 |
Name | Order | Citations | PageRank |
|---|---|---|---|
| Lionel Montrieux | 1 | 2 | 0.38 |
| Zhenjiang Hu | 2 | 1341 | 99.25 |