Capabilities for Java']Java: Secure Access to Resources

被引:2
|
作者
Hayes, Ian J. [1 ]
Wu, Xi [1 ]
Meinicke, Larissa A. [1 ]
机构
[1] Univ Queensland, Sch ITEE, Brisbane, Qld 4072, Australia
来源
PROGRAMMING LANGUAGES AND SYSTEMS (APLAS 2017) | 2017年 / 10695卷
基金
澳大利亚研究理事会;
关键词
D O I
10.1007/978-3-319-71237-6_4
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
This paper explores adding capabilities to Java with the objective of tightening security management for access to resources both within the Java Class Library and Java applications. Code can only access resources if it is given explicit capabilities, allowing replacement of the use of doPrivileged blocks. Capabilities provide restricted access to their implementing object - like an interface - but when a capability is created, it has a more restrictive dynamic type than its implementing object, and hence access to the full facilities of the implementing object (e.g. via down casting) are precluded. We used the Annotation Processing Tool to track the declaration and use of capabilities.
引用
收藏
页码:67 / 84
页数:18
相关论文
共 50 条
  • [21] Secure self-certified code for Java']Java
    Debbabi, M
    Desharnais, J
    Fourati, M
    Menif, E
    Painchaud, F
    Tawbi, N
    FORMAL ASPECTS OF SECURITY, 2003, 2629 : 133 - 151
  • [22] A secure object sharing scheme for Java']Java Card
    Zhang, JQ
    Varadharajan, V
    Mu, Y
    INFORMATION AND COMMUNICATIONS SECURITY, PROCEEDINGS, 2002, 2513 : 243 - 251
  • [23] Secure object flow analysis for Java']Java Card
    Éluard, M
    Jensen, T
    USENIX ASSOCIATION AND IFIP WG 8.8 (SMART CARDS) PROCEEDINGS OF CARDIS '02 FIFTH SMART CARD RESEARCH AND ADVANCED APPLICATION CONFERENCE, 2002, : 97 - 110
  • [24] Security Enhanced Java']Java: Mandatory Access Control for the Java']Java Virtual Machine
    Venelle, Benjamin
    Briffaut, Jeremy
    Clevy, Laurent
    Toinard, Christian
    2013 IEEE 16TH INTERNATIONAL SYMPOSIUM ON OBJECT/COMPONENT/SERVICE-ORIENTED REAL-TIME DISTRIBUTED COMPUTING (ISORC), 2013,
  • [25] Java']Java parallel secure stream for grid computing
    Chen, J
    Akers, W
    Chen, Y
    Watson, W
    PROCEEDINGS OF CHEP 2001, 2001, : 668 - 671
  • [26] Secure Coding Practices in Java']Java: Challenges and Vulnerabilities
    Meng, Na
    Nagy, Stefan
    Yao, Danfeng
    Zhuang, Wenjie
    Argoty, Gustavo Arango
    PROCEEDINGS 2018 IEEE/ACM 40TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING (ICSE), 2018, : 372 - 383
  • [27] Secure JAVA']JAVA applets and applications: Guidelines and lessons learnt from the JAVA']JAVA security model
    Bichindaritz, I
    Siadak, MF
    Jocom, J
    Moinpour, C
    Donaldson, G
    Bush, N
    Chapko, M
    Sullivan, KM
    JOURNAL OF THE AMERICAN MEDICAL INFORMATICS ASSOCIATION, 1999, : 1028 - 1028
  • [28] Java']Java access protection through typing
    Rose, E
    Rose, KH
    CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE, 2001, 13 (13): : 1125 - 1132
  • [29] A distributed access control model for Java']Java
    Molva, R
    Roudier, Y
    COMPUTER SECURITY - ESORICS 2000, PROCEEDINGS, 2000, 1895 : 291 - 308
  • [30] A Secure Framework and Related Protocols for Ubiquitous Access to Electronic Health Records Using Java']Java SIM Cards
    Hassanzadeh, Reza
    Sahama, Tony
    Fidge, Colin
    E-HEALTH, 2010, 335 : 102 - 113
12345