Stack inspection and secure program transformations

International Journal of Information Security

Abstract

This paper focuses on stack inspection, the access control mechanism implemented in Java and the CLR. We introduce a static analysis that safely approximates the access rights granted to code at run time. This analysis provides the basis for reducing the run-time overhead of stack inspection, both on its own and in combination with other program transformations.
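As an added illustration (not code from the paper, and a deliberately simplified model of the Java/CLR mechanism), the Python below simulates the run-time stack walk and then computes two call-graph approximations of the rights granted to each method: a must-set (rights granted on every path to the method) and a may-set (rights granted on some path). A checkPermission whose permission lies in the callee's must-set always succeeds and can be removed, which is the kind of overhead reduction the abstract refers to. The program, protection domains, permission names and method names are all constructed; the doPrivileged convention modelled here (the frame that invoked doPrivileged is itself checked and then ends the walk) follows the Java 2 rule, and the paper's own analysis is not reproduced.

```python
"""Toy model of stack inspection plus a static approximation of granted rights.

Added example; the program below is constructed and hypothetical.
"""
from dataclasses import dataclass

# Protection domains and the permissions granted to each (constructed).
DOMAINS = {
    "system": frozenset({"FileRead", "FileWrite", "Net"}),
    "applet": frozenset({"Net"}),
}
METHOD_DOMAIN = {"main": "applet", "fetch": "applet", "readConfig": "system",
                 "log": "system", "writeLog": "system"}
# Method bodies as sequences of actions:
#   ("call", m)  plain call: m's frame sits above the caller's frame
#   ("priv", m)  call m inside doPrivileged: inspection stops at the caller's frame
#   ("check", p) checkPermission(p)
BODIES = {
    "main": [("call", "fetch"), ("call", "log")],
    "fetch": [("check", "Net"), ("priv", "readConfig")],
    "readConfig": [("check", "FileRead")],
    "log": [("priv", "readConfig"), ("priv", "writeLog")],
    "writeLog": [("check", "FileWrite")],
}


def domain(method):
    return DOMAINS[METHOD_DOMAIN[method]]


# ---------- dynamic semantics: the run-time stack walk ----------
@dataclass
class Frame:
    method: str
    privileged: bool = False  # True while this frame is inside doPrivileged


def inspect(stack, perm):
    """Walk the stack top-down: every frame's domain must hold `perm`; a
    privileged frame is still checked but ends the walk with a grant."""
    for frame in reversed(stack):
        if perm not in domain(frame.method):
            return False
        if frame.privileged:
            return True
    return True


def run(method, stack=None, trace=None):
    """Execute `method`, recording (method, permission, granted?) per check."""
    stack = [] if stack is None else stack
    trace = [] if trace is None else trace
    stack.append(Frame(method))
    for action, arg in BODIES[method]:
        if action == "check":
            trace.append((method, arg, inspect(stack, arg)))
        else:
            stack[-1].privileged = (action == "priv")
            run(arg, stack, trace)
            stack[-1].privileged = False
    stack.pop()
    return trace


# ---------- static analysis over the call graph ----------
def callers(method):
    return [(c, act) for c, body in BODIES.items()
            for act, m in body if act != "check" and m == method]


def _fixpoint(must):
    """must=True : rights granted on EVERY path to m (meet over callers,
                   greatest fixpoint, start from all permissions).
       must=False: rights granted on SOME path to m (join over callers,
                   least fixpoint, start from the empty set).
    A privileged call contributes only the caller's own domain, because the
    stack walk stops there; a plain call contributes the caller's result."""
    universe = frozenset().union(*DOMAINS.values())
    rights = {m: (universe if must else frozenset()) for m in BODIES}
    changed = True
    while changed:
        changed = False
        for m in BODIES:
            ctxs = [domain(c) if kind == "priv" else rights[c]
                    for c, kind in callers(m)]
            if not ctxs:                      # entry point: nothing beneath it
                ctx = universe
            elif must:
                ctx = frozenset.intersection(*ctxs)
            else:
                ctx = frozenset().union(*ctxs)
            new = domain(m) & ctx
            if new != rights[m]:
                rights[m], changed = new, True
    return rights


def classify_checks():
    """Per checkPermission site: 'redundant' (succeeds in every context, so
    the check can be removed), 'always denied', or 'keep' (context dependent)."""
    must, may = _fixpoint(True), _fixpoint(False)
    verdict = {}
    for m, body in BODIES.items():
        for act, p in body:
            if act == "check":
                verdict[(m, p)] = ("redundant" if p in must[m]
                                   else "always denied" if p not in may[m]
                                   else "keep")
    return verdict


if __name__ == "__main__":
    for entry in run("main"):
        print("runtime:", entry)
    for site, v in classify_checks().items():
        print("static :", site, v)
```

The run-time trace shows the same check in readConfig failing when reached from the applet-domain fetch and succeeding when reached from the system-domain log's doPrivileged block; the static verdict for that site is therefore "keep", while the checks in fetch and writeLog are granted on every path through the call graph and are marked redundant. Because the analysis ranges over all call-graph paths rather than the actual stacks, it can only over-approximate the set of run-time contexts, so a "redundant" verdict is safe.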

Correspondence to Massimo Bartoletti.

Cite this article

Bartoletti, M., Degano, P. & Ferrari, G. Stack inspection and secure program transformations. IJIS 2, 187–217 (2004). https://doi.org/10.1007/s10207-004-0038-8