Access Control in JavaScript

Software
2011
Issue No. 5 - September/October
Abstract - Access Control in JavaScript

	This Article
	Subscribers, please Login Purchase article: $19 PDF HTML RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Rodolfo Toledo Articles by Eric Tanter

September/October 2011 (vol. 28 no. 5)

pp. 76-84

	ASCII Text	x
	Rodolfo Toledo, Eric Tanter, "Access Control in JavaScript," IEEE Software, vol. 28, no. 5, pp. 76-84, September/October, 2011.

	BibTex	x
	@article{ 10.1109/MS.2010.154, author = {Rodolfo Toledo and Eric Tanter}, title = {Access Control in JavaScript}, journal ={IEEE Software}, volume = {28}, number = {5}, issn = {0740-7459}, year = {2011}, pages = {76-84}, doi = {http://doi.ieeecomputersociety.org/10.1109/MS.2010.154}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - MGZN JO - IEEE Software TI - Access Control in JavaScript IS - 5 SN - 0740-7459 SP76 EP84 EPD - 76-84 A1 - Rodolfo Toledo, A1 - Eric Tanter, PY - 2011 KW - language constructs and features KW - scripting languages KW - semantics KW - software KW - software engineering VL - 28 JA - IEEE Software ER -

Rodolfo Toledo, University of Chile

Eric Tanter, University of Chile

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/MS.2010.154

ZAC is a practical lightweight library for access control in JavaScript based on aspect orientation. Its access control architecture is stack based, similar to those of Java and C#. However, ZAC integrates other features for more expressive access control. First, access control policies can be enforced at the level of objects, which permits more fine-grained control over resource access. Second, policies in ZAC can base their decisions on scripts' execution history. This lets developers express policies that are impossible to define using other models, such as bounded-time execution.

Index Terms:

language constructs and features, scripting languages, semantics, software, software engineering

Citation:

Rodolfo Toledo, Eric Tanter, "Access Control in JavaScript," IEEE Software, vol. 28, no. 5, pp. 76-84, Sep./Oct. 2011, doi:10.1109/MS.2010.154

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.