Efficient and Flexible Access Control via Jones-Optimal Logic Program Specialisation
Efficient and Flexible Access Control via Jones-Optimal Logic Program Specialisation
We describe the use of a flexible meta-interpreter for performing access control checks on deductive databases. The meta-program is implemented in Prolog and takes as input a database and an access policy specification. For processing access control requests we specialise the meta-program for a given access policy and database by using the Logen partial evaluation system. The resulting specialised control checking program is dependent solely upon dynamic information that can only be known at the time of actual access request evaluation. In addition to describing our approach, we give a number of performance measures for our implementation of an access control checker. In particular, we show that by using our approach we get flexible access control with virtually no overhead, satisfying the Jones optimality criterion. The paper also shows how to satisfy the Jones optimality criterion more generally for interpreters written in the non-ground representation.
Access Control, Deductive Databases, Partial Evaluation, Program Transformation, Meta-Programming
Barker, Steve
00504f81-7e2e-40d9-9a67-c0c9868f6af8
Leuschel, Michael
c2c18572-66cf-4f84-ade4-218ce3afe78b
Varea, Mauricio
7a752b8b-0f8b-47e0-b411-2ac53f228ba7
2006
Barker, Steve
00504f81-7e2e-40d9-9a67-c0c9868f6af8
Leuschel, Michael
c2c18572-66cf-4f84-ade4-218ce3afe78b
Varea, Mauricio
7a752b8b-0f8b-47e0-b411-2ac53f228ba7
Barker, Steve, Leuschel, Michael and Varea, Mauricio
(2006)
Efficient and Flexible Access Control via Jones-Optimal Logic Program Specialisation.
Journal of Higher-Order and Symbolic Computation, To app.
Abstract
We describe the use of a flexible meta-interpreter for performing access control checks on deductive databases. The meta-program is implemented in Prolog and takes as input a database and an access policy specification. For processing access control requests we specialise the meta-program for a given access policy and database by using the Logen partial evaluation system. The resulting specialised control checking program is dependent solely upon dynamic information that can only be known at the time of actual access request evaluation. In addition to describing our approach, we give a number of performance measures for our implementation of an access control checker. In particular, we show that by using our approach we get flexible access control with virtually no overhead, satisfying the Jones optimality criterion. The paper also shows how to satisfy the Jones optimality criterion more generally for interpreters written in the non-ground representation.
More information
Published date: 2006
Keywords:
Access Control, Deductive Databases, Partial Evaluation, Program Transformation, Meta-Programming
Organisations:
Electronics & Computer Science
Identifiers
Local EPrints ID: 262650
URI: http://eprints.soton.ac.uk/id/eprint/262650
PURE UUID: b9c8e089-5681-48ea-bb0f-9195b10c435b
Catalogue record
Date deposited: 30 May 2006
Last modified: 14 Mar 2024 07:15
Export record
Contributors
Author:
Steve Barker
Author:
Michael Leuschel
Author:
Mauricio Varea
Download statistics
Downloads from ePrints over the past year. Other digital versions may also be available to download e.g. from the publisher's website.
View more statistics