Verifying temporal properties without temporal logic
ACM Transactions on Programming Languages and Systems (TOPLAS)
Enforcing trace properties by program transformation
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Proceedings of the 27th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
SASI enforcement of security policies: a retrospective
Proceedings of the 1999 workshop on New security paradigms
ACM Transactions on Information and System Security (TISSEC)
Resource access control in systems of mobile agents
Information and Computation
Adaptive Object-Oriented Software: The Demeter Method with Propagation Patterns
Adaptive Object-Oriented Software: The Demeter Method with Propagation Patterns
Java Virtual Machine Specification
Java Virtual Machine Specification
The Essence of the Visitor Pattern
COMPSAC '98 Proceedings of the 22nd International Computer Software and Applications Conference
Java Bytecode Verification: Algorithms and Formalizations
Journal of Automated Reasoning
Compiling with proofs
An Overview of the Runtime Verification Tool Java PathExplorer
Formal Methods in System Design
Logic in Computer Science: Modelling and Reasoning about Systems
Logic in Computer Science: Modelling and Reasoning about Systems
ACM Transactions on Programming Languages and Systems (TOPLAS)
Java(TM) Language Specification, The (3rd Edition) (Java (Addison-Wesley))
Java(TM) Language Specification, The (3rd Edition) (Java (Addison-Wesley))
Programming with heterogeneous structures: manipulating XML data using bondi
ACSC '06 Proceedings of the 29th Australasian Computer Science Conference - Volume 48
A relational account of objects
ACSC '06 Proceedings of the 29th Australasian Computer Science Conference - Volume 48
Enforcing Java run-time properties using bytecode rewriting
ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
ESOP'06 Proceedings of the 15th European conference on Programming Languages and Systems
Language-based information-flow security
IEEE Journal on Selected Areas in Communications
Journal of Functional Programming
Hi-index | 0.00 |
Research on security techniques for Java bytecode has paid little attention to the security of the implementations of the techniques themselves, assuming that ordinary tools for programming, verification and testing are sufficient for security. However, different categories of security policies and mechanisms usually require different implementations. Each implementation requires extensive effort to test it and/or verify it.We show that programming with well-typed pattern structures in a statically well-typed language makes it possible to implement static byte-code verification in a fully type-safe and highly adaptive way, with security policies being fed in as first-order parameters, reduces the effort required to verify security of an implementation itself and the programming need for new policies. Also bytecode instrumentation can be handled in exactly the same way. The approach aims at reducing the workload of building and understanding distributed systems, especially those of mobile code.