In J2EE and .NET, roles are assigned to methods using external configuration files called deployment descriptors. Assigning roles to methods, although conceptually simple, is quite complicated in practice. For instance, in order for a deployer to assign a role r to a method m, the deployer must understand the set of roles R that are assigned to each method n that can be invoked directly or indirectly from m, and that r has to be "consistently" assigned with respect to R. Understanding such role consistency is a non-trivial task. Also, in J2EE roles are defined with respect to method access and not data access. Therefore, in order to protect sensitive data, one has to encode data access control using method access control. This can lead to interesting and subtle access control problems when accessing sensitive data, including information leakage through data flow from one method to another.

In this paper we focus on data-centric security by presenting two concepts:

Role Analysis: We present a simple interprocedural static analysis for detecting security problems when objects are accessed by multiple methods that do not have compatible or consistent assignment of roles. We then introduce the notion of an object "escaping" a role and present a simple interprocedural static analysis for computing the set of objects that may escape a role.

Consistency-Based Security and Role Typestates: We extend J2EE method-based role assignment to consistency-based role assignment. In this paper we will focus on assigning roles to typestates rather than methods.
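The deployer's role-consistency problem described at the start of the abstract, as an added example that is not code from the paper. It assumes that "consistent" means every role permitted on m is also permitted on each method n reachable from m; the method names, roles and call graph are constructed sample data.

```python
from collections import deque

# Constructed sample data (not from the paper): method -> roles permitted to
# invoke it, as a deployment descriptor would declare them.
ROLES = {
    "Payroll.report":   {"manager", "clerk"},
    "Payroll.summary":  {"manager", "clerk"},
    "Payroll.salaries": {"manager"},
    "Audit.log":        {"manager", "clerk", "auditor"},
}

# Constructed call graph: method -> methods it invokes directly.
CALLS = {
    "Payroll.report":   ["Payroll.summary", "Audit.log"],
    "Payroll.summary":  ["Payroll.salaries"],
    "Payroll.salaries": ["Audit.log"],
    "Audit.log":        [],
}

def reachable(calls, m):
    """Methods invoked directly or indirectly from m."""
    seen, queue = set(), deque(calls.get(m, []))
    while queue:
        n = queue.popleft()
        if n not in seen:
            seen.add(n)
            queue.extend(calls.get(n, []))
    return seen

def inconsistencies(roles, calls):
    """Return (m, n, missing) triples: roles allowed on m but not on a method
    n reachable from m. Assumed rule: roles(m) must be a subset of roles(n)."""
    findings = []
    for m in sorted(roles):
        for n in sorted(reachable(calls, m)):
            if n not in roles:
                continue  # assumption: undeclared methods are unconstrained
            missing = roles[m] - roles[n]
            if missing:
                findings.append((m, n, sorted(missing)))
    return findings

if __name__ == "__main__":
    for m, n, missing in inconsistencies(ROLES, CALLS):
        print(f"{m} -> {n}: {missing} permitted on caller but not on callee")
```

In the sample data, "clerk" may call Payroll.report but would be rejected at Payroll.salaries two calls deeper, which is the kind of indirect mismatch a deployer cannot see from the descriptor alone.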