Secure calling contexts for stack inspection
Proceedings of the 4th ACM SIGPLAN international conference on Principles and practice of declarative programming
Stack inspection is a mechanism for programming secure applications in the presence of code from various protection domains. Run-time checks of the call stack allow a method to obtain information about the code that (directly or indirectly) invoked it in order to make access control decisions. This mechanism is part of the security architecture of Java and the .NET Common Language Runtime. A central problem with stack inspection is to determine to what extent the local checks inserted into the code are sufficient to guarantee that a global security property is enforced. A further problem is how such verification can be carried out in an incremental fashion. Incremental analysis is important for avoiding re-analysis of library code every time it is used, and permits the library developer to reason about the code without knowing its context of deployment. We propose a technique for inferring interfaces for stack-inspecting libraries in the form of secure calling contexts for methods. By a secure calling context we mean a pre-condition on the call stack sufficient for guaranteeing that execution of the method will not violate a given global property. The technique is a constraint-based static program analysis implemented via fixed-point iteration over an abstract domain of linear temporal logic properties.