Call graph construction in object-oriented languages
Proceedings of the 12th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Scalable propagation-based call graph construction algorithms
OOPSLA '00 Proceedings of the 15th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
SAFKASI: a security mechanism for language-based systems
ACM Transactions on Software Engineering and Methodology (TOSEM)
An efficient security verification method for programs with stack inspection
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Model checking security properties of control flow graphs
Journal of Computer Security
Principles of Program Analysis
Principles of Program Analysis
Java Language Specification, Second Edition: The Java Series
Java Language Specification, Second Edition: The Java Series
Secure calling contexts for stack inspection
Proceedings of the 4th ACM SIGPLAN international conference on Principles and practice of declarative programming
Access rights analysis for Java
OOPSLA '02 Proceedings of the 17th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Stack inspection: Theory and variants
ACM Transactions on Programming Languages and Systems (TOPLAS)
IRM Enforcement of Java Stack Inspection
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
From Stack Inspection to Access Control: A Security Analysis for Libraries
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Stack inspection and secure program transformations
International Journal of Information Security - Special issue on security in global computing
A systematic approach to static access control
ACM Transactions on Programming Languages and Systems (TOPLAS)
Composing security policies with polymer
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Static check analysis for Java stack inspection
ACM SIGPLAN Notices
| Hi-index | 0.00 |
The security manager in Java 2 is a runtime access control mechanism. Whenever an access permission to critical resources is requested, the security manager inspects a call stack to examine whether the program has appropriate access permissions or not. This run-time permission check called stack inspection enforces access-control policies that associate access rights with the class that initiates the access. In this paper, we develop a visualization tool which helps programmers enforce security policy effectively into programs. It is based on the static permission check analysis which approximates permission checks statically which must succeed or fail at each method. Using the visualization system, programmers can modify programs and policy files if necessary, as they examine how permission checks and their stack inspection are performed. This process can be repeated until the security policy is enforced correctly.