Skip to main content
SpringerLink
Log in

Reflections on MOP s, Components, and Java Security

  • Conference paper
  • First Online:
ECOOP 2001 — Object-Oriented Programming (ECOOP 2001)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2072))

Included in the following conference series:

Abstract

This article investigates the security issues raised by the use of meta-programming systems with Java. For each possible type of MOP (compile-time, load-time, etc.), we study the permissions required for both the base and the meta-level protection domains, taking into account the flowof control between the different parts of the application. We showtha t the choice of a particular MOP architecture has a strong impact on security issues. Assuming a component-based architecture with code from various origins having different levels of trust, we establish a set of rules for combining the permissions associated with each protection domain (integration, base-level, meta-level, etc.).

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Martin Abadi, Michael Burrows, Butler Lampson, and Gordon Plotkin. A calculus for access control in distributed systems. ACM Transactions on Programming Languages and Systems, 15(4):706–734, September 1993.

    Article  Google Scholar 

  2. M. Ancona, W. Cazzola, and E. B. Fernandez. Reflective authorization systems: Possibilities, benefits, and drawbacks. Lecture Notes in Computer Science, 1603:35–50, 1999.

    Google Scholar 

  3. Massimo Ancona, Walter Cazzola, and Eduardo B. Fernandez. A historydependent access control mechanism using reflection. In Proceedings of the 5th ECOOP Workshop on Mobile Object Systems (MOS’99), Lisbon, Portugal, June 1999.

    Google Scholar 

  4. Pierre Bieber, Jacques Cazin, Virginie Wiels, Guy Zanon, Pierre Girard, and Jean-Louis Lanet. Electronic purse applet certification: extended abstract. In Steve Schneider and Peter Ryan, editors, Electronic Notes in Theoretical Computer Science, volume 32. Elsevier Science Publishers, 2000.

    Google Scholar 

  5. D. Caromel, W. Klauser, and J. Vayssiere. Towards Seamless Computing and Metacomputing in Java. Concurrency Practice and Experience, 10(11-13):1043–1061, November 1998.

    Article  Google Scholar 

  6. Shigeru Chiba. A metaobject protocol for C++. In OOPSLA’ 95 Conference Proceedings: Object-Oriented Programming Systems, Languages, and Applications, pages 285–299. ACM Press, 1995.

    Google Scholar 

  7. Shigeru Chiba and Michiaki Tatsubori. Yet another java.lang.class. In ECOOP’98 Workshop on Reflective Object-Oriented Programming and Systems, Brussels, Belgium, July 1998

    Google Scholar 

  8. Geoff A. Cohen, Jeffrey S. Chase, and David L. Kaminsky. Automatic program transformation with JOIE. In Proceedings of the USENIX 1998 Annual Technical Conference, pages 167–178, Berkeley, USA, June 15-19 1998. USENIX Association.

    Google Scholar 

  9. Josè de Oliveira Guimarães. Reflection for statically typed languages. In Eric Jul, editor, ECOOP’ 98—Object-Oriented Programming, volume 1445 of Lecture Notes in Computer Science, pages 440–461. Springer, 1998.

    Chapter  Google Scholar 

  10. J. Ferber. Computational reflection in class based object-oriented languages. ACM SIGPLAN Notices, 24(10):317–326, October 1989.

    Article  Google Scholar 

  11. E. Gamma, R. Helm, R. Johnson, and J. Vlissides. Design Patterns: Elements of Reusable Object-oriented Software. Addison Wesley, Reading, 1996.

    MATH  Google Scholar 

  12. Li Gong. Secure Java class loading. IEEE Internet Computing, 2(5):56–61, 1998.

    Article  Google Scholar 

  13. Li Gong. Inside Java 2 platform security: architecture, API design, and implementation. Addison-Wesley, Reading, MA, USA, june 1999.

    Google Scholar 

  14. J. Gosling, B. Joy, and G. Steele. The Java Language Specification. Addison-Wesley, Reading, USA, 1997.

    Google Scholar 

  15. Gregor Kiczales and Jim des Rivieres. The art of the metaobject protocol.,MIT Press, Cambridge, MA, USA, 1991.

    Google Scholar 

  16. Juergen Kleinoeder and Michael Golm. Metajava: An efficient run-time meta architecture for java. Techn. Report TR-I4-96-03, Univ. of Erlangen-Nuernberg, IMMD IV, 1996.

    Google Scholar 

  17. Tim Lindholm and Frank Yellin. The Java Virtual Machine Specification. Addison-Wesley, Reading, USA, 1997.

    Google Scholar 

  18. Gabriella Dodero Massimo Ancona, Walter Cazzola and Vittoria Gianuzzi. Channel reification: A reflective model for distributed computation. In Proceedings of IEEE International Performance Computing, and Communication Conference (IPCCC’98), pages 32–36, Phoenix, Arizona, USA, Feb 1998.

    Google Scholar 

  19. Sun Microsystems. The JavaBeans API Specification, July 1997.

    Google Scholar 

  20. Sun Microsystems. The Java Core Reflection API, 1998.

    Google Scholar 

  21. Andrew C. Myers. JFlow: Practical mostly-static information flow control. In Proceedings of the 26th ACM Symposium on Principles of Programming Languages (POPL), pages 228–241, San Antonio, Texas, Jan 1999.

    Google Scholar 

  22. Alexandre Oliva and Luiz Eduardo Buzato. The design and implementation of Guaraná. In Proceedings of the Fifth USENIX Conference on Object-Oriented Technologies and Systems, pages 203–216. The USENIX Association, 1999.

    Google Scholar 

  23. Barry Redmond and Vinny Cahill. Iguana/J: Towards a dynamic and efficient reflective architecture for java. In ECOOP 2000 Workshop on Reflection and Metalevel Architectures, June 2000.

    Google Scholar 

  24. T. Riechmann and J. Kleinoeder. Meta objects for access control: Role-based principals. In C. Boyd and E. Dawson, editors, Proceeding of the Third Australasian Conference on Information Security and Privacy, number 1438 in Lecture Notes in Computer Science, pages 296–307. Springer, July 1998.

    Google Scholar 

  25. Jerome H. Saltzer and Michael D. Schroeder. The protection of information in computer systems. Proceedings of the IEEE, 63(9), September 1975.

    Google Scholar 

  26. Ravi S. Sandhu, Edward J. Coyne, Hal L. Feinstein, and Charles E. Youman. Role-based access control models. Computer, 29(2):38–47, February 1996.

    Article  Google Scholar 

  27. Peter Sewell and Jan Vitek. Secure composition of insecure components. In Proceedings of the Computer Security Foundations Workshop, CSFW-12, 1999.

    Google Scholar 

  28. Michiaki Tatsubori. An extension mechanism for the Java language. Master’s thesis, Graduate School of Engineering, University of Tsukuba, 1999.

    Google Scholar 

  29. I. Welch and R. Stroud. From Dalang to Kava — the evolution of a reflective Java extension. In Pierre Cointe, editor, Proceedings of the second international conference Reflection’99, number 1616 in Lecture Notes in Computer Science, pages 2–21. Springer, July 1999.

    Google Scholar 

  30. I. Welch and R. J. Stroud. Using reflection as a mechanism for enforcing security policies in mobile code. In Proceedings of ESORICS’2000, number 1895 in Lecture Notes in Computer Science, pages 309–323, October 2000.

    Google Scholar 

  31. Ian Welch and Robert Stroud. Using metaobject protocols to adapt third-party components. Work-in-Progress paper presented at Middleware’98, Lake District England, September 1998.

    Google Scholar 

  32. Zhixue Wu and Scarlet Schwiderski. Reflective Java: Making Java even more flexible. Technical report, ANSA, 1997.

    Google Scholar 

Download references

Authors
  1. Denis Caromel
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Julien Vayssière
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Computer Science, University of Aarhus, Åbogade 34, 8200, Århus N, Denmark

    Jørgen Lindskov Knudsen

Rights and permissions

Reprints and permissions

Copyright information

© 2001 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Caromel, D., Vayssière, J. (2001). Reflections on MOP s, Components, and Java Security. In: Knudsen, J.L. (eds) ECOOP 2001 — Object-Oriented Programming. ECOOP 2001. Lecture Notes in Computer Science, vol 2072. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45337-7_14

Download citation

  • DOI: https://doi.org/10.1007/3-540-45337-7_14

  • Published:

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-42206-8

  • Online ISBN: 978-3-540-45337-6

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation