Dismiss
InnovationQ will be updated on Sunday, Oct. 22, from 10am ET - noon. You may experience brief service interruptions during that time.
Browse Prior Art Database

Security of Variables in APL Shared Variable System

IP.com Disclosure Number: IPCOM000080746D
Original Publication Date: 1974-Feb-01
Included in the Prior Art Database: 2005-Feb-27
Document File: 2 page(s) / 14K

Publishing Venue

IBM

Related People

Rodgers, WC: AUTHOR

Abstract

In APL, several levels of security are available. In addition to the user identification number there is: 1) The ability to protect the sign-on with a lock to prevent unauthorized access. 2) The ability to lock a workspace to prevent unauthorized access. 3) The ability to lock a function so that it can be used but not listed.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 60% of the total text.

Page 1 of 2

Security of Variables in APL Shared Variable System

In APL, several levels of security are available. In addition to the user identification number there is: 1) The ability to protect the sign-on with a lock to prevent

unauthorized access.

2) The ability to lock a workspace to prevent unauthorized

access.

3) The ability to lock a function so that it can be used

but not listed.

However, no direct method has been provided to protect proprietary variables in a workspace. If a workspace can be accessed, then any global variables in it can be accessed.

A method is described here for automatically protecting such data variables. This is done by transforming the variable into a locked function with built-in protection capability. Once this is done, the "variable" may be used in the usual way only by those authorized. The overhead involved in using the "locked- function" form of the variable is relatively minor (about 100 bytes for storage). A method is also provided to permit modifications to the "variable", but only by those who are authorized.

This method is valid only in an APL Shared Variable System (APLSV) (or equivalent) system. It uses the "execute" and "format" primitive functions and the "expunge" and "function establishment" system functions.

The type and extent of protection capability possible is quite flexible. For example, the "variable's" use could be limited to the the originator (or someone using his ID number and lock). More generally, it could be accessed by any one of a list of authorized users. It could also be restricted so that it could be used only between 11:00 a.m. and 11:30 a.m. on Thursdays. Method of Locking Variables.

The method can be implemented in a monadic APL function called LOCK. The user supplies as input the name of the variable he wishes to lock. The basic steps in the function are as follows:
1. The printing precision is locally set to the maximum.

(This affects numerical variables only.)
2. A three-row literal matrix is constructed to correspond

to the canonical representation of the desired function.

first row: Contains

Z <-- variable name.

This is to be the function header.

second row: Contains the security check. Normally

this would be an exit if the check

failed. In addition, a security violation

notice could also be issued.

third row: The correct value of the variable is

assigned to Z. This is done in such a

way that Z becomes identical to the

1

Page 2 of 2

original variable in all respects (type,

rank and shape). The values in the

variable actually...