Notions of computation and monads
Information and Computation
Full abstraction in the lazy lambda calculus
Information and Computation
Proving congruence of bisimulation in functional programming languages
Information and Computation
Analysis and caching of dependencies
Proceedings of the first ACM SIGPLAN international conference on Functional programming
Compiling standard ML to Java bytecodes
ICFP '98 Proceedings of the third ACM SIGPLAN international conference on Functional programming
JFlow: practical mostly-static information flow control
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Higher order operational techniques in semantics
Higher order operational techniques in semantics
Inside Java 2 platform security architecture, API design, and implementation
Inside Java 2 platform security architecture, API design, and implementation
Static enforcement of security with types
ICFP '00 Proceedings of the fifth ACM SIGPLAN international conference on Functional programming
SAFKASI: a security mechanism for language-based systems
ACM Transactions on Software Engineering and Methodology (TOSEM)
ACM Transactions on Programming Languages and Systems (TOPLAS)
Representation independence, confinement and access control [extended abstract]
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Model checking security properties of control flow graphs
Journal of Computer Security
Java Virtual Machine Specification
Java Virtual Machine Specification
Essential .NET: The Common Language Runtime
Essential .NET: The Common Language Runtime
An Operational Semantics of Java 2 Access Control
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
The Confused Deputy: (or why capabilities might have been invented)
ACM SIGOPS Operating Systems Review
IRM Enforcement of Java Stack Inspection
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Journal of Functional Programming
Secure calling contexts for stack inspection
Proceedings of the 4th ACM SIGPLAN international conference on Principles and practice of declarative programming
Stack inspection: Theory and variants
ACM Transactions on Programming Languages and Systems (TOPLAS)
A static type system for JVM access control
ICFP '03 Proceedings of the eighth ACM SIGPLAN international conference on Functional programming
Channel dependent types for higher-order mobile processes
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A tail-recursive machine with stack inspection
ACM Transactions on Programming Languages and Systems (TOPLAS)
Stack-based access control and secure information flow
Journal of Functional Programming
Interfaces for stack inspection
Journal of Functional Programming
A systematic approach to static access control
ACM Transactions on Programming Languages and Systems (TOPLAS)
Permission-based ownership: encapsulating state in higher-order typed languages
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Composing security policies with polymer
Proceedings of the 2005 ACM SIGPLAN conference on Programming language design and implementation
Privileged operations in the PlanetLab virtualised environment
ACM SIGOPS Operating Systems Review
A static type system for JVM access control
ACM Transactions on Programming Languages and Systems (TOPLAS)
Subspace: secure cross-domain communication for web mashups
Proceedings of the 16th international conference on World Wide Web
Detecting malicious java code using virtual machine auditing
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Run-time principals in information-flow type systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
Execution monitoring enforcement under memory-limitation constraints
Information and Computation
Execution monitoring enforcement for limited-memory systems
Proceedings of the 2006 International Conference on Privacy, Security and Trust: Bridge the Gap Between PST Technologies and Business Services
Sequent calculi and abstract machines
ACM Transactions on Programming Languages and Systems (TOPLAS)
Secure Information Flow as a Safety Property
Formal Aspects in Security and Trust
Security Types for Sessions and Pipelines
Web Services and Formal Methods
CSchema: a downgrading policy language for XML access control
Journal of Computer Science and Technology
A language for information flow: dynamic tracking in multiple interdependent dimensions
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Enforcing Security Policies on Programs
Proceedings of the 2006 conference on New Trends in Software Methodologies, Tools and Techniques: Proceedings of the fifth SoMeT_06
On declassification and the non-disclosure policy
Journal of Computer Security - 18th IEEE Computer Security Foundations Symposium (CSF 18)
A tail-recursive semantics for stack inspections
ESOP'03 Proceedings of the 12th European conference on Programming
Verifying resource access control on mobile interactive devices
Journal of Computer Security - 7th International Workshop on Issues in the Theory of Security (WITS'07)
Permission re-delegation: attacks and defenses
SEC'11 Proceedings of the 20th USENIX conference on Security
Field access analysis for enforcing access control policies
ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security
A formal model of access control for mobile interactive devices
ESORICS'06 Proceedings of the 11th European conference on Research in Computer Security
| Hi-index | 0.00 |
Stack inspection is a security mechanism implemented in runtimes such as the JVM and the CLR to accommodate components with diverse levels of trust. Although stack inspection enables the fine-grained expression of access control policies, it has rather a complex and subtle semantics. We present a formal semantics and an equational theory to explain how stack inspection affects program behaviour and code optimisations. We discuss the security properties enforced by stack inspection, and also consider variants with stronger, simpler properties.