An Object Oriented Approach For the Protection of Information Systems
This work addresses security for information system users, but it appears incremental as it builds on a previously described object-oriented model.
The paper tackles the problem of securing information systems by introducing a protection system based on object-oriented principles, resulting in a robust, flexible, and user-acceptable design with features like personal signatures and restricted administrator rights.
We provide a protection system making use of encapsulation, messages communication, interface functions coming from an object oriented model described in previous works. Each user represents himself to the system by the mean of his "USER" object type. The recognition procedure is suitable to every one's needs. Any user's objects and types are labeled with a personal signature, exclusively provided and known by the system. Administrator's rights are restricted to backup procedures. The system verify each messages access, it is robust because partitioned, flexible, suitable and psychologically acceptable.