ANSA Object Model

A very brief introduction to the ANSA Object Model, and security in that context.

• Encapsulation and interaction Objects are encapsulated and interact through well defined interfaces. In short, no back doors or "direct access to the data". Essential for distrubution, but also good for security. Unfortunately, WWW is not built like this.
  • Enforce encapsulation
  • Control interaction
• Granularity of control
  • Object - unit of encapsulation
  • Interface - unit of provision of service, unit of granting of access
• Controlled delegation
  • Interface reference passing - least privilege An interface reference is a bit like a URL. It contains the information you need in order to attempt to access a resource.
  • Sealed representation - forwarding, storing without granting right to use It is important to be able to pass interface references or URLs in WWW via untrusted intermediaries.

Introduction ->1 ->2 ->3 ->4 ->5 ->6