Dynamically-typed object-oriented programming languages do not provide type information until runtime. Two of their main advantages are that they allow fast prototyping and integrating changes at runtime. The ability of dynamically-typed languages to support program changes at runtime and the lack of type information doom the classic security approaches to failure. Controlling references to single objects and to graphs of objects is essential to build secure systems. Existing approaches are commonly based on static type system and cannot be applied to dynamically-typed languages. This thesis argue that: In the context of dynamically-typed languages, reifying references, controlling behavior, and isolating state via such references, is a practical way to control references. This thesis makes five contributions: - We propose dynamic read-only objects (DRO) as one kind of adaptation of behavioral change at reference-level. - We generalize the DRO model to enable more generic behavioral changes. We extend the Pharo programming environment and language with Handles, that are first-class references with the ability to change the behavior of referenced objects. - We define Metahandle to offer flexibility and adaptability to controlled references. - We propose SHandle, an extension of the Handle model to isolate side effects at the level of references. - And finally, we formalize the Handles and SHandle models to represent and explain their semantics. As validation of our thesis we have implemented three approaches relevant to securing system using our model. In addition, as proof of concept we extended the Pharo virtual machine to support Handles, Metahandles and SHandles. Keyword: security, dynamically-typed languages, reflection, language design, first class reference, object-oriented programming.