Stack inspection: theory and variants
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Stack inspection: Theory and variants
ACM Transactions on Programming Languages and Systems (TOPLAS)
A static type system for JVM access control
ICFP '03 Proceedings of the eighth ACM SIGPLAN international conference on Functional programming
A tail-recursive machine with stack inspection
ACM Transactions on Programming Languages and Systems (TOPLAS)
Formal specification and analysis of JAAS framework
Proceedings of the 2006 international workshop on Software engineering for secure systems
A static type system for JVM access control
ACM Transactions on Programming Languages and Systems (TOPLAS)
Program Transformations under Dynamic Security Policies
Electronic Notes in Theoretical Computer Science (ENTCS)
A tail-recursive semantics for stack inspections
ESOP'03 Proceedings of the 12th European conference on Programming
| Hi-index | 0.00 |
Java 2 Security enhanced with the Java Authentication and Authorization Service (JAAS) provide sophisticated access control features via a user-configurable authorization policy. Fine-grained access control, code-based as well as user-based authorization, and implicit access rights allow the implementation of real-world policies, but of the cost of increased complexity. In this paper, we provide a formal specification of the Java 2 and JAAS access control model that helps remove ambiguities of the informal definitions. It defines Java 2 access control in terms of an abstract machine, whose behavior is determined by a small set of transition rules. We illustrate the power of Java 2 access control by showing how commonly encountered authorization requirements can be implemented in Java 2.