In computing it is common for a user to have to enter a password in order to access a particular resource. This can be regarded as operating at the application or architectural level, since it is generally used to restrict access to various application functionality, such as the ability to manipulate a bank account.
It can also be desired to control access at much lower level, in relation to particular code. For example, in an object-oriented computing environment, one object may call a method belonging to another object. The object making the call is sometimes referred to as a caller object and the object which receives the call is sometimes referred to as a resource object. The Java programming language (Java is a trademark of Sun Microsystems Inc.) provides a mechanism to restrict access to object methods. In particular, methods of a class may be specified as having different access rights by being declared as public, private or protected methods. A method declared as public may be accessed by all objects. A method declared as private may be accessed only by other members of its class. A method declared as protected may be accessed by other members of its package, and also by members of its subclasses inside or outside the package. Further details can be found in standard books on Java, such as “Learning Java” by Niemeyer and Knudsen, O'Reilly, 1997, ISBN 1-56592-718-4.
One particular situation in which it is desired to restrict access to certain objects relates to the StarOffice Uniform Network Objects (UNO) programming environment (StarOffice is a trademark of Sun Microsystems Inc.). In UNO, the method com.sun.star.lang.XComponent.dispose( ) should only be called by the owner of the resource object to which the interface containing this method belongs. The owner object here is typically the object that first creates the resource object. The above method may be called by an object's owner to explicitly free resources kept by the object, for example, to break cyclic references. Thus the call causes the resource object to release its resources and references.
Problems may arise if this method is called by an object other than the owner object. This is most likely to occur in respect of code from third parties such as independent software vendors (ISVs), system integrators, and so on. Calling the dispose( ) method at an inappropriate juncture or in an inappropriate manner can often lead to a system crash. In many cases this problem arises without malicious intent, simply as a consequence of poor design or coding errors. However, it is also possible to make this type of call on purpose in a deliberate attempt to crash the system. This then has significant security implications for the system.
Unfortunately, the provision of private and protected methods in Java does little to alleviate this difficulty, since such access restrictions apply at the class level. In contrast, the above problems normally arise in respect of certain objects (i.e. particular instances of the class).