Handbook of theoretical computer science (vol. B)
Object-oriented type systems
Formal language, grammar and set-constraint-based program analysis by abstract interpretation
FPCA '95 Proceedings of the seventh international conference on Functional programming languages and computer architecture
Fast static analysis of C++ virtual function calls
Proceedings of the 11th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Call graph construction in object-oriented languages
Proceedings of the 12th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Enforcing trace properties by program transformation
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
SASI enforcement of security policies: a retrospective
Proceedings of the 1999 workshop on New security paradigms
Static enforcement of security with types
ICFP '00 Proceedings of the fifth ACM SIGPLAN international conference on Functional programming
ACM Transactions on Information and System Security (TISSEC)
Stack inspection: theory and variants
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
POPL '77 Proceedings of the 4th ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Model checking security properties of control flow graphs
Journal of Computer Security
Principles of Program Analysis
Principles of Program Analysis
Compositional Verification of Secure Applet Interactions
FASE '02 Proceedings of the 5th International Conference on Fundamental Approaches to Software Engineering
Data-Flow-Based Virtual Function Resolution
SAS '96 Proceedings of the Third International Symposium on Static Analysis
Automatic synthesis of optimal invariant assertions: Mathematical foundations
Proceedings of the 1977 symposium on Artificial intelligence and programming languages
A new approach to mobile code security
A new approach to mobile code security
USITS'97 Proceedings of the USENIX Symposium on Internet Technologies and Systems on USENIX Symposium on Internet Technologies and Systems
OOPSLA '04 Companion to the 19th annual ACM SIGPLAN conference on Object-oriented programming systems, languages, and applications
Interfaces for stack inspection
Journal of Functional Programming
ACM SIGPLAN Notices
A systematic approach to static access control
ACM Transactions on Programming Languages and Systems (TOPLAS)
Trace effects and object orientation
PPDP '05 Proceedings of the 7th ACM SIGPLAN international conference on Principles and practice of declarative programming
Static check analysis for Java stack inspection
ACM SIGPLAN Notices
Types and trace effects of higher order programs
Journal of Functional Programming
Types and trace effects for object orientation
Higher-Order and Symbolic Computation
A Type and Effect System for Flexible Abstract Interpretation of Java
Electronic Notes in Theoretical Computer Science (ENTCS)
Program Transformations under Dynamic Security Policies
Electronic Notes in Theoretical Computer Science (ENTCS)
Visualization of permission checks in java using static analysis
WISA'06 Proceedings of the 7th international conference on Information security applications: PartI
Computer security from a programming language and static analysis perspective
ESOP'03 Proceedings of the 12th European conference on Programming
Formal methods for smartcard security
Foundations of Security Analysis and Design III
Hi-index | 0.01 |
Stack inspection is a mechanism for programming secure applications by which a method can obtain information from the call stack about the code that (directly or indirectly) invoked it. This mechanism plays a fundamental role in the security architecture of Java and the .NET Common Language Runtime. A central problem with stack inspection is to determine to what extent the local checks inserted into the code are sufficient to guarantee that a global security property is enforced. In this paper, we present a technique for inferring a secure calling context for a method. By a secure calling context we mean a pre-condition on the call stack sufficient for guaranteeing that execution of the method will not violate a given global property. This is particularly useful for annotating library code in order to avoid having to re-analyse libraries for every new application. The technique is a constraint based static program analysis implemented via fixed point iteration over an abstract domain of linear temporal logic properties.