Complete sets of transformations for general E-unification
Theoretical Computer Science - Second Conference on Rewriting Techniques and Applications, Bordeaux, May 1987
PLDI '91 Proceedings of the ACM SIGPLAN 1991 conference on Programming language design and implementation
A type system for Java bytecode subroutines
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Dynamic class loading in the Java virtual machine
Proceedings of the 13th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
A type system for object initialization in the Java bytecode language
ACM Transactions on Programming Languages and Systems (TOPLAS)
Static enforcement of security with types
ICFP '00 Proceedings of the fifth ACM SIGPLAN international conference on Functional programming
SAFKASI: a security mechanism for language-based systems
ACM Transactions on Software Engineering and Methodology (TOSEM)
Representation independence, confinement and access control [extended abstract]
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Stack inspection: theory and variants
POPL '02 Proceedings of the 29th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Java Virtual Machine Specification
Java Virtual Machine Specification
Java bytecode as a typed term calculus
Proceedings of the 4th ACM SIGPLAN international conference on Principles and practice of declarative programming
Access rights analysis for Java
OOPSLA '02 Proceedings of the 17th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Inside Java(TM) 2 Platform Security: Architecture, API Design, and Implementation
Inside Java(TM) 2 Platform Security: Architecture, API Design, and Implementation
The Logical Abstract Machine: A Curry-Howard Isomorphism for Machine Code
FLOPS '99 Proceedings of the 4th Fuji International Symposium on Functional and Logic Programming
Byte Code Verification for Java Smart Card Based on Model Checking
ESORICS '98 Proceedings of the 5th European Symposium on Research in Computer Security
An Operational Semantics of Java 2 Access Control
CSFW '00 Proceedings of the 13th IEEE workshop on Computer Security Foundations
Journal of Automated Reasoning
Journal of Automated Reasoning
Java Bytecode Verification: Algorithms and Formalizations
Journal of Automated Reasoning
A Type System for the Java Bytecode Language and Verifier
Journal of Automated Reasoning
IRM Enforcement of Java Stack Inspection
SP '00 Proceedings of the 2000 IEEE Symposium on Security and Privacy
A systematic approach to static access control
ACM Transactions on Programming Languages and Systems (TOPLAS)
Trace effects and object orientation
PPDP '05 Proceedings of the 7th ACM SIGPLAN international conference on Principles and practice of declarative programming
A tail-recursive semantics for stack inspections
ESOP'03 Proceedings of the 12th European conference on Programming
Type safe dynamic linking for JVM access control
Proceedings of the 9th ACM SIGPLAN international conference on Principles and practice of declarative programming
A proof theory for machine code
ACM Transactions on Programming Languages and Systems (TOPLAS)
Types and trace effects of higher order programs
Journal of Functional Programming
Types and trace effects for object orientation
Higher-Order and Symbolic Computation
Policy-based attestation of service behavior for establishing rigorous trust
OTM'10 Proceedings of the 2010 international conference on On the move to meaningful internet systems - Volume Part I
Modeling the Java Bytecode Verifier
Science of Computer Programming
| Hi-index | 0.00 |
This article presents a static type system for the Java virtual machine (JVM) code that enforces an access control mechanism similar to that found in a Java implementation. In addition to verifying type consistency of a given JVM code, the type system statically verifies whether the code accesses only those resources that are granted by the prescribed access policy. The type system is proved to be sound with respect to an operational semantics that enforces access control dynamically, similar to Java stack inspection. This result ensures that “well-typed code cannot violate access policy.” The authors then develop a type inference algorithm and show that it is sound with respect to the type system. These results allow us to develop a static system for JVM access control, without resorting to costly runtime stack inspection.