A type system for Java bytecode subroutines
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Inside Java 2 platform security architecture, API design, and implementation
Inside Java 2 platform security architecture, API design, and implementation
Static enforcement of security with types
ICFP '00 Proceedings of the fifth ACM SIGPLAN international conference on Functional programming
SAFKASI: a security mechanism for language-based systems
ACM Transactions on Software Engineering and Methodology (TOSEM)
Representation independence, confinement and access control [extended abstract]
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Stack inspection: theory and variants
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Java Virtual Machine Specification
Java Virtual Machine Specification
Java bytecode as a typed term calculus
Proceedings of the 4th ACM SIGPLAN international conference on Principles and practice of declarative programming
Access rights analysis for Java
OOPSLA '02 Proceedings of the 17th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
The Logical Abstract Machine: A Curry-Howard Isomorphism for Machine Code
FLOPS '99 Proceedings of the 4th Fuji International Symposium on Functional and Logic Programming
An Operational Semantics of Java 2 Access Control
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
IRM Enforcement of Java Stack Inspection
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
Register allocation by proof transformation
Science of Computer Programming - Special issue on 12th European symposium on programming (ESOP 2003)
Interfaces for stack inspection
Journal of Functional Programming
A systematic approach to static access control
ACM Transactions on Programming Languages and Systems (TOPLAS)
A microkernel virtual machine:: building security with clear interfaces
Proceedings of the 2006 workshop on Programming languages and analysis for security
Type safe dynamic linking for JVM access control
Proceedings of the 9th ACM SIGPLAN international conference on Principles and practice of declarative programming
Reasoning about safety properties in a JVM-like environment
Science of Computer Programming
Formal methods for smartcard security
Foundations of Security Analysis and Design III
| Hi-index | 0.00 |
This paper presents a static type system for JAVA Virtual Machine (JVM) code that enforces an access control mechanism similar to the one found, for example, in a JAVA implementation. In addition to verifying type consistency of a given JVM code, the type system statically verifies that the code accesses only those resources that are granted by the prescribed access policy. The type system is proved to be sound with respect to an operational semantics that enforces access control dynamically, similarly to JAVA stack inspection. This result ensures that "well typed code cannot violate access policy." The paper then develops a type inference algorithm and shows that it is sound with respect to the type system and that it always infers a minimal set of access privileges. These results allows us to develop a static system for JVM access control without resorting to costly runtime stack inspection.