Static check analysis for Java']Java stack inspection

被引：3

作者：

Chang, Byeong-Mo ^{[1
]}

机构：

[1] Sookmyung Womens Univ, Dept Comp Sci, Seoul 140742, South Korea

来源：

ACM SIGPLAN NOTICES | 2006年 / 41卷 / 03期

关键词：

!text type='java']java[!/text; stack inspection; security; static analysis;

D O I：

10.1145/1140543.1140550

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

Most static analysis techniques for optimizing stack inspection approximate permission sets such as granted permissions and denied permissions. Because they compute permission sets following control flow, they usually take intra-procedural control flow into consideration as well as call relationship. In this paper, we observed that it is necessary for more precise optimization on stack inspection to compute more specific information on checks instead of permissions. We propose a backward static analysis based on simple call graph to approximate redundant permission checks which must fail. In a similar way, we also propose a backward static analysis to approximate success permission checks, which must pass stack inspection.

引用

页码：40 / 48

页数：9

共 50 条

[1] Understanding Java']Java stack inspection
Wallach, DS
Felten, EW
[J]. 1998 IEEE SYMPOSIUM ON SECURITY AND PRIVACY - PROCEEDINGS, 1998, : 52 - 63
[2] IRM enforcement of Java']Java stack inspection
Erlingsson, U
Schneider, FB
[J]. 2000 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, PROCEEDINGS, 2000, : 246 - 255
[3] A Comparative Analysis of Static Code Analysis Tools that check Java']Java Code Adherence to Java']Java Coding Standards
Ashfaq, Qirat
Khan, Rimsha
Farooq, Sehrish
[J]. 2019 2ND INTERNATIONAL CONFERENCE ON COMMUNICATION, COMPUTING AND DIGITAL SYSTEMS (C-CODE), 2019, : 98 - 103
[4] A static Java']Java birthmark based on operand stack behaviors
Park, Heewan
Lim, Hyun-il
Choi, Seokwoo
Han, Taisook
[J]. PROCEEDINGS OF THE SECOND INTERNATIONAL CONFERENCE ON INFORMATION SECURITY AND ASSURANCE, 2008, : 133 - 136
[5] Java']Java & static analysis
Chaturvedi, A
[J]. DR DOBBS JOURNAL, 2005, 30 (07): : 25 - +
[6] Operand Stack Dependence Based Java']Java Static Software Birthmark
Wang, Yong
Liu, Fenlin
Zhao, Zheng
Lu, Bin
Xie, Xin
[J]. 2013 10TH INTERNATIONAL CONFERENCE ON FUZZY SYSTEMS AND KNOWLEDGE DISCOVERY (FSKD), 2013, : 1090 - 1095
[7] Static Analysis of Malicious Java']Java Applets
Ganesh, Nikitha
Di Troia, Fabio
Corrado, Visaggio Aaron
Austin, Thomas H.
Stamp, Mark
[J]. IWSPA'16: PROCEEDINGS OF THE 2016 ACM INTERNATIONAL WORKSHOP ON SECURITY AND PRIVACY ANALYTICS, 2016, : 58 - 63
[8] JDQL: A framework for Java']Java Static Analysis
Saxena, Amitabh
Soundrapandian, Pradeepkumar Duraisamy
Sharma, Vibhu Saujanya
Kaulgud, Vikrant
[J]. PROCEEDINGS OF THE 9TH INDIA SOFTWARE ENGINEERING CONFERENCE, 2016, : 136 - 140
[9] Static analysis of XML transformations in java']java
Kirkegaard, C
Moller, A
Schwartzbach, MI
[J]. IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 2004, 30 (03) : 181 - 192
[10] Static Analysis of Java']Java Dynamic Proxies
Fourtounis, George
Kastrinis, George
Smaragdakis, Yannis
[J]. ISSTA'18: PROCEEDINGS OF THE 27TH ACM SIGSOFT INTERNATIONAL SYMPOSIUM ON SOFTWARE TESTING AND ANALYSIS, 2018, : 209 - 220

← 1 2 3 4 5 →