Facet-based access control model for View-Oriented Programming

Abstract

Security is an integral part of the modern software systems and applications in which a client program can access different functional aspects (views) of the same domain. These views (View-Oriented Programming-VOP), as a separation of concerns approach, enable us to manage the complexity of the software systems and to accomplish greater reuse and maintainability. In VOP, an object's response to a message depends on the views currently attached to its core instance. View-oriented programming suffers from a formal model and security issues to protect the privileges of each client who needs to access different views of the same object. This paper describes a facet-based access control model to handle security issues in VOP. Especially, it introduces algebra and formalism to describe VOP and to protect the privileges of each client program. These issues are discussed through an example.