A security framework for reflective Java']Java applications

被引:1
|
作者
Caromel, D [1 ]
Vayssière, J [1 ]
机构
[1] INRIA Sophia Antipolis, F-06902 Sophia Antipolis, France
来源
SOFTWARE-PRACTICE & EXPERIENCE | 2003年 / 33卷 / 09期
关键词
reflection; security; access control; !text type='Java']Java[!/text; components;
D O I
10.1002/spe.528
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
The advent of component-based reflective applications raises the issue of protecting baselevel components from the actions performed by metalevel components. However, by their very nature, reflective applications are far more difficult to secure than non-reflective applications, which certainly explains why the problem has received very little attention so far. In this paper we present a security framework for enforcing access control between metalevel components and the baselevel components they reflect on. Rather than designing a new security architecture from scratch, we extend the standard security architecture of Java to provide security for a fully-functional proxy-based MOP for Java. We implement a number of well-known meta-level behaviors and study their security requirements, the results of which support our design choices. Copyright (C) 2003 John Wiley Sons, Ltd.
引用
收藏
页码:821 / 846
页数:26
相关论文
共 50 条
  • [1] Java']Java framework for search applications
    Jeng, JJ
    Kozakov, L
    Lumelsky, S
    [J]. 2003 SYMPOSIUM ON APPLICATIONS AND THE INTERNET, PROCEEDINGS, 2003, : 136 - 146
  • [2] A security infrastructure for distributed Java']Java applications
    Balfanz, D
    Dean, D
    Spreitzer, M
    [J]. 2000 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, PROCEEDINGS, 2000, : 15 - 26
  • [3] A robust framework for building Java']Java applications
    Jwo, JS
    Cheng, HM
    [J]. COMPUTER SCIENCE AND TECHNOLOGY IN NEW CENTURY, 2001, : 506 - 510
  • [4] SecureQualitas: A Security Corpus of Real Java']Java Applications
    Benabidallah, Raounak
    Sadou, Salah
    Borne, Isabelle
    [J]. 2019 INTERNATIONAL CONFERENCE ON CYBER SECURITY FOR EMERGING TECHNOLOGIES (CSET), 2019,
  • [5] An extensible framework for testing distributed Java']Java applications
    Ghosh, S
    Bawa, N
    Craig, G
    Kalgaonkar, K
    [J]. JOURNAL OF RESEARCH AND PRACTICE IN INFORMATION TECHNOLOGY, 2001, 33 (02): : 120 - 132
  • [6] Metaprogramming framework for generating persistent Java']Java applications
    Laszlo, Zoltan
    Glamseter, Steinar
    [J]. PROCEEDINGS OF THE 10TH IASTED INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING AND APPLICATIONS, 2006, : 99 - +
  • [7] Sync: A Java']Java framework for mobile collaborative applications
    Munson, JP
    Dewan, P
    [J]. COMPUTER, 1997, 30 (06) : 59 - &
  • [8] OpenJIT: An open-ended, reflective JIT compiler framework for Java']Java
    Ogawa, H
    Shimura, K
    Matsuoka, S
    Maruyama, F
    Sohda, Y
    Kimura, Y
    [J]. ECOOP 2000 - OBJECT-ORIENTED PROGRAMMING, 2000, 1850 : 362 - 387
  • [9] Secure JAVA']JAVA applets and applications: Guidelines and lessons learnt from the JAVA']JAVA security model
    Bichindaritz, I
    Siadak, MF
    Jocom, J
    Moinpour, C
    Donaldson, G
    Bush, N
    Chapko, M
    Sullivan, KM
    [J]. JOURNAL OF THE AMERICAN MEDICAL INFORMATICS ASSOCIATION, 1999, : 1028 - 1028
  • [10] An Automated Framework for Migrating Java']Java Applications to Ethereum Solidity Applications
    Fajge, Akshay M.
    Thakur, Siddharth
    Kumar, Rahul
    Halder, Raju
    [J]. 2021 3RD CONFERENCE ON BLOCKCHAIN RESEARCH & APPLICATIONS FOR INNOVATIVE NETWORKS AND SERVICES (BRAINS), 2021, : 1 - 3
12345