Call graph construction in object-oriented languages
Proceedings of the 12th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Scalable propagation-based call graph construction algorithms
OOPSLA '00 Proceedings of the 15th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
SAFKASI: a security mechanism for language-based systems
ACM Transactions on Software Engineering and Methodology (TOSEM)
An efficient security verification method for programs with stack inspection
CCS '01 Proceedings of the 8th ACM conference on Computer and Communications Security
Model checking security properties of control flow graphs
Journal of Computer Security
Principles of Program Analysis
Principles of Program Analysis
Java Language Specification, Second Edition: The Java Series
Java Language Specification, Second Edition: The Java Series
Secure calling contexts for stack inspection
Proceedings of the 4th ACM SIGPLAN international conference on Principles and practice of declarative programming
Access rights analysis for Java
OOPSLA '02 Proceedings of the 17th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Stack inspection: Theory and variants
ACM Transactions on Programming Languages and Systems (TOPLAS)
IRM Enforcement of Java Stack Inspection
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
From Stack Inspection to Access Control: A Security Analysis for Libraries
CSFW '04 Proceedings of the 17th IEEE workshop on Computer Security Foundations
Stack inspection and secure program transformations
International Journal of Information Security - Special issue on security in global computing
A systematic approach to static access control
ACM Transactions on Programming Languages and Systems (TOPLAS)
Visualization of permission checks in java using static analysis
WISA'06 Proceedings of the 7th international conference on Information security applications: PartI
Component-based access control: secure software composition through static analysis
SC'08 Proceedings of the 7th international conference on Software composition
Hi-index | 0.00 |
Most static analysis techniques for optimizing stack inspection approximate permission sets such as granted permissions and denied permissions. Because they compute permission sets following control flow, they usually take intra-procedural control flow into consideration as well as call relationship. In this paper, we observed that it is necessary for more precise optimization on stack inspection to compute more specific information on checks instead of permissions. We propose a backward static analysis based on simple call graph to approximate redundant permission checks which must fail. In a similar way, we also propose a backward static analysis to approximate success permission checks, which must pass stack inspection.