Stack inspection and secure program transformations

Authors:
Massimo Bartoletti;Pierpaolo Degano;Gian Luigi Ferrari
Affiliations:
Università di Pisa, Dipartimento di Informatica, Viat Buonarotti 2, 56927, Pisa, Italy;Università di Pisa, Dipartimento di Informatica, Viat Buonarotti 2, 56927, Pisa, Italy;Università di Pisa, Dipartimento di Informatica, Viat Buonarotti 2, 56927, Pisa, Italy
Venue:
International Journal of Information Security - Special issue on security in global computing
Year:
2004

Citing 0
Cited 6

Static check analysis for Java stack inspection

ACM SIGPLAN Notices
Local policies for resource usage analysis

ACM Transactions on Programming Languages and Systems (TOPLAS)
Program Transformations under Dynamic Security Policies

Electronic Notes in Theoretical Computer Science (ENTCS)
Visualization of permission checks in java using static analysis

WISA'06 Proceedings of the 7th international conference on Information security applications: PartI
Component-based access control: secure software composition through static analysis

SC'08 Proceedings of the 7th international conference on Software composition
Interprocedural analysis for privileged code placement and tainted variable detection

ECOOP'05 Proceedings of the 19th European conference on Object-Oriented Programming

Quantified Score

Hi-index	0.00

Visualization

Abstract

This paper focuses on stack inspection, the access control mechanism implemented in Java and the CLR. We introduce a static analysis which safely approximates the access rights granted to code at run time. This analysis provides us with the basis to reduce the run-time overhead of stack inspection and in combination with other program transformations.