Islands: aliasing protection in object-oriented languages
OOPSLA '91 Conference proceedings on Object-oriented programming systems, languages, and applications
The Geneva convention on the treatment of object aliasing
ACM SIGPLAN OOPS Messenger
The use of name spaces in Plan 9
ACM SIGOPS Operating Systems Review
Security properties of typed applets
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Dynamic class loading in the Java virtual machine
Proceedings of the 13th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
The Java programming language (2nd ed.)
The Java programming language (2nd ed.)
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Inside Java 2 platform security architecture, API design, and implementation
Inside Java 2 platform security architecture, API design, and implementation
Proceedings of the 14th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Commercialization of electronic information
Journal of End User Computing
Application isolation in the Java Virtual Machine
OOPSLA '00 Proceedings of the 15th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
A note on the confinement problem
Communications of the ACM
The Real-Time Specification for Java
The Real-Time Specification for Java
The JavaSeal Mobile Agent Kernel
ASAMA '99 Proceedings of the First International Symposium on Agent Systems and Applications Third International Symposium on Mobile Agents
Protection in the Hydra Operating System
SOSP '75 Proceedings of the fifth ACM symposium on Operating systems principles
Multitasking without comprimise: a virtual machine evolution
OOPSLA '01 Proceedings of the 16th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Incommunicado: efficient communication for isolates
OOPSLA '02 Proceedings of the 17th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Ownership, encapsulation and the disjointness of type and effect
OOPSLA '02 Proceedings of the 17th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Sealing, Encapsulation, and Mutability
ECOOP '01 Proceedings of the 15th European Conference on Object-Oriented Programming
Modular Internet Programming with Cells
ECOOP '02 Proceedings of the 16th European Conference on Object-Oriented Programming
Lana: An Approach to Programming Autonomous Systems
ECOOP '02 Proceedings of the 16th European Conference on Object-Oriented Programming
Mobile Code, Internet Security, and E-Commerce
ECOOP '00 Proceedings of the Workshops, Panels, and Posters on Object-Oriented Technology
Luna: a flexible Java protection system
ACM SIGOPS Operating Systems Review - OSDI '02: Proceedings of the 5th symposium on Operating systems design and implementation
Luna: a flexible Java protection system
OSDI '02 Proceedings of the 5th symposium on Operating systems design and implementationCopyright restrictions prevent ACM from being able to make the PDFs for this conference available for downloading
Lightweight flexible isolation for language-based extensible systems
VLDB '02 Proceedings of the 28th international conference on Very Large Data Bases
XMem: type-safe, transparent, shared memory for cross-runtime communication and coordination
Proceedings of the 2008 ACM SIGPLAN conference on Programming language design and implementation
Method-Specific Java Access Control via RMI Proxy Objects Using Annotations
ICISS '09 Proceedings of the 5th International Conference on Information Systems Security
Role-based access control (RBAC) in Java via proxy objects using annotations
Proceedings of the 15th ACM symposium on Access control models and technologies
| Hi-index | 0.00 |
It is essential for security to be able to isolate mistrusting programs from one another, and to protect the host platform from programs. Isolation is difficult in object-oriented systems because objects can easily become aliased. Aliases that cross program boundaries can allow programs to exchange information without using a system provided interface that could control information exchange. In Java, mistrusting programs are placed in distinct loader spaces but uncontrolled sharing of system classes can still lead to aliases between programs. This paper presents the object spaces protection model for an object-oriented system. The model decomposes an application into a set of spaces, and each object is assigned to one space. All method calls between objects in different spaces are mediated by a security policy. An implementation of the model in Java is presented.