Reflective Authorization Systems: Possibilities, Benefits, and Drawbacks

  • Massimo Ancona
  • Walter Cazzola
  • Eduardo B. Fernandez
Part of the Lecture Notes in Computer Science book series (LNCS, volume 1603)


We analyze how to use the reflective approach to integrate an authorization system into a distributed object-oriented framework. The expected benefits from the reflective approach are: more stability of the security layer (i.e., with a more limited number of hidden bugs), better software and development modularity, more reusability, and the possibility to adapt the security module with at most a few changes to other applications. Our analysis is supported by simple and illustrative examples written in Java.


Authorization Distributed Objects Object Orientation Reflection Security 


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. [1]
    Massimo Ancona, Walter Cazzola, Gabriella Dodero, and Vittoria Gianuzzi. Channel Reification: a Reflective Approach to Fault-Tolerant Software Development. In OOPSLA’ 95 (poster section), page 137, Austin, Texas, USA, on 15th–19th October 1995. ACM. Available at
  2. [2]
    Massimo Ancona, Walter Cazzola, Gabriella Dodero, and Vittoria Gianuzzi. Channel Reification: A Reflective Model for Distributed Computation. In proceedings of IEEE International Performance Computing, and Communication Conference (IPCCC’98), 98CH36191, pages 32–36, Phoenix, Arizona, USA, on 16th–18th February 1998. IEEE.Google Scholar
  3. [3]
    Ken Arnold and James Gosling. The Java Programming Language. The Java Series... from the Source. Addison-Wesley, Reading, Massachusetts, second edition, December 1997.Google Scholar
  4. [4]
    Elisa Bertino, Sabrina De Capitani di Vimercati, Elena Ferrari, and Pierangela Samarati. Exception-Based Information Flow Control in Object-Oriented Systems. ACM Transactions on Information and System Security (TISSEC), 1(1), November 1998.Google Scholar
  5. [5]
    W. E. Boebert and R. Y. Kain. A Pratical Alternative to Hierarchical Integrity Policies. In proceedings of 8th National Computing Security Conference, Gaithersburg, October 1985.Google Scholar
  6. [6]
    Walter Cazzola. Evaluation of Object-Oriented Reflective Models. In proceedings of ECOOP Workshop on Reflective Object-Oriented Programming and Systems (EWROOPS’98), in 12th European Conference on Object-Oriented Programming (ECOOP’98), Brussels, Belgium, on 20th–24th July 1998. Available at
  7. [7]
    Helen Custer. Inside Windows NT. Microsoft Press, Redmond, WA, 1993.Google Scholar
  8. [8]
    Francois-Nicola Demers and Jacques Malenfant. Reflection in Logic, Functional and Object-Oriented Programming: a Short Comparative Study. In proceedings of the workshop section, in IJCAI’95 (International Join Conference on AI), Montréal, Canada, August 1995.Google Scholar
  9. [9]
    Eduardo B. Fernandez and J. C. Hawkins. Determining Role Rights from Use Cases. In proceedings of the 2nd ACM Workshop on Role Based Access Control (RBAC’97), pages 121–125, November 1997.Google Scholar
  10. [10]
    Eduardo B. Fernandez, Maria M. Larrondo-Petrie, and Ehud Gudes. A Method-Based Authorization Model for Object-Oriented Databases. In proceedings of the OOPSLA’93 Workshop on Security in Object-Oriented Systems, pages 70–79. ACM, 1993.Google Scholar
  11. [11]
    Eduardo B. Fernandez, Rita C. Summers, and Christopher Wood. Database Security and Integrity. Addison-Wesley, Reading, Massachusetts, 1981.Google Scholar
  12. [12]
    Michael A. Harrison, Walter L. Ruzzo, and Jeffrey D. Ullman. Protection in Operating Systems. Communication of the ACM, 19(8):461–471, August 1976.zbMATHCrossRefMathSciNetGoogle Scholar
  13. [13]
    Trent Jaeger, Nayeen Islam, Rangachari Anand, Atul Prakash, and Jochen Liedtke. Flexible Control of Downloaded Executable Content., 1997.
  14. [14]
    Butler W. Lampson. Protection. Operating System Review, 8(1):18–34, January 1974. Reprint.CrossRefGoogle Scholar
  15. [15]
    Pattie Maes. Concepts and Experiments in Computational Reflection. In proceedings of OOPSLA’ 87, volume 22 of Sigplan Notices, pages 147–156. ACM, October 1987.Google Scholar
  16. [16]
    Edwin Menze, F. Reynolds, and F. Travostino. Programming with System Resources in Support of Real-Time Distributed Applications. In proceedings of the 1996 IEEE Workshop on Object-Oriented Real-Time Dependable Systems, pages 36–45, Laguna Beach, Ca, February 1996. IEEE.Google Scholar
  17. [17]
    Ravi Sandhu, Edward J. Coyne, Hal L. Feinstein, and Charles E Youman. Role-Based Access Control Models. Computer, 29(2):38–47, February 1996.CrossRefGoogle Scholar
  18. [18]
    Susann Sonntag, Hermann Härtig, Oliver Kowalski, Winfried Kühnhauser, and Wolfang Lux. Adaptability Using Reflection. In proceedings of the 27th Annual Hawaii International Conference on System Sciences, pages 383–392, 1994.Google Scholar
  19. [19]
    Oliver Spatscheck and Larry L. Peterson. Escort: A Path-Based OS Security Architecture. Technical Report TR-97-17, Department of Computer Science, The University of Arizona, Tucson, AZ 85721, November 1997.Google Scholar
  20. [20]
    Robert J. Stroud. Transparency and Reflection in Distributed Systems. ACM Operating System Review, 22:99–103, April 1992.Google Scholar
  21. [21]
    Robert J. Stroud and Zhixue Wu. Using Metaobject Protocols to Satisfy Non-Functional Requirements. In Chris Zimmerman, editor, Advances in Object-Oriented Metalevel Architectures and Reflection, chapter 3, pages 31–52. CRC Press, Inc., 2000 Corporate Blvd., N.W., Boca Raton, Florida 33431, 1996.Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 1999

Authors and Affiliations

  • Massimo Ancona
    • 1
  • Walter Cazzola
    • 2
    • 3
  • Eduardo B. Fernandez
    • 4
  1. 1.DISI - University of GenovaGenovaItaly
  2. 2.DSI - University of MilanoMilano
  3. 3.C/O DISI - University of GenovaGenovaItaly
  4. 4.Department of Computer Science and EngineeringFlorida Atlantic UniversityBoca RatonUSA

Personalised recommendations