Capabilities for Java']Java: Secure Access to Resources

被引:2
|
作者
Hayes, Ian J. [1 ]
Wu, Xi [1 ]
Meinicke, Larissa A. [1 ]
机构
[1] Univ Queensland, Sch ITEE, Brisbane, Qld 4072, Australia
来源
PROGRAMMING LANGUAGES AND SYSTEMS (APLAS 2017) | 2017年 / 10695卷
基金
澳大利亚研究理事会;
关键词
D O I
10.1007/978-3-319-71237-6_4
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
This paper explores adding capabilities to Java with the objective of tightening security management for access to resources both within the Java Class Library and Java applications. Code can only access resources if it is given explicit capabilities, allowing replacement of the use of doPrivileged blocks. Capabilities provide restricted access to their implementing object - like an interface - but when a capability is created, it has a more restrictive dynamic type than its implementing object, and hence access to the full facilities of the implementing object (e.g. via down casting) are precluded. We used the Annotation Processing Tool to track the declaration and use of capabilities.
引用
收藏
页码:67 / 84
页数:18
相关论文
共 50 条
  • [1] Using access control for secure information flow in a Java']Java-like language
    Banerjee, A
    Naumann, DA
    16TH IEEE COMPUTER SECURITY FOUNDATIONS WORKSHOP, PROCEEDINGS, 2003, : 155 - 169
  • [2] Secure Java']Java class loading
    Li, G
    IEEE INTERNET COMPUTING, 1998, 2 (06) : 56 - 61
  • [3] A secure Java']Java™ Virtual Machine
    van Doom, L
    USENIX ASSOCIATION PROCEEDINGS OF THE NINTH USENIX SECURITY SYMPOSIUM, 2000, : 19 - 34
  • [4] Secure Java']Java development with UML
    Jürjens, J
    ADVANCES IN NETWORK AND DISTRIBUTED SYSTEMS SECURITY, 2001, 78 : 107 - 124
  • [5] Building secure Java']Java RMI servers
    Marques, P
    DR DOBBS JOURNAL, 2002, 27 (11): : 36 - +
  • [6] Mechanisms for secure modular programming in Java']Java
    Bauer, L
    Appel, AW
    Felten, EW
    SOFTWARE-PRACTICE & EXPERIENCE, 2003, 33 (05): : 461 - 480
  • [7] Enforcing Secure Object Initialization in Java']Java
    Hubert, Laurent
    Jensen, Thomas
    Monfort, Vincent
    Pichardie, David
    COMPUTER SECURITY-ESORICS 2010, 2010, 6345 : 101 - +
  • [8] Secure object sharing in Java']Java Card
    Montgomery, M
    Krishna, K
    PROCEEDINGS OF THE USENIX WORKSHOP ON SMARTCARD TECHNOLOGY (SMARTCARD '99), 1999, : 119 - 127
  • [9] Secure Refactoring with Java']Java Information Flow
    Helke, Steffen
    Kammuller, Florian
    Probst, Christian W.
    DATA PRIVACY MANAGEMENT, AND SECURITY ASSURANCE, 2016, 9481 : 264 - 272
  • [10] Access rights analysis for Java']Java
    Koved, L
    Pistoia, M
    Kershenbaum, A
    ACM SIGPLAN NOTICES, 2002, 37 (11) : 359 - 372
12345