9870316 It is becoming increasingly common for mutually untrusting software components to be parts of the same program; examples include Java applets, ActiveX controls, Component Object Model (COM) objects, and extensible operating systems. Methods and tools are created that make it easier for programmers to write software components that will function securely when linked with potentially hostile components. This is done by combining research results on several topics: information hiding and language design, hierarchical modularity, dynamic linking, and access control. One result of this work is a set of tools that let programmers precisely control the visibility and accessibility of pieces of their software, allowing different views of a software component to be presented to different software clients depending on the provenance of the client code. Software tools are implemented and distributed to support this for programs written in the Java and ML languages.***
