Capabilities for Java']Java: Secure Access to Resources

被引:2
|
作者
Hayes, Ian J. [1 ]
Wu, Xi [1 ]
Meinicke, Larissa A. [1 ]
机构
[1] Univ Queensland, Sch ITEE, Brisbane, Qld 4072, Australia
来源
PROGRAMMING LANGUAGES AND SYSTEMS (APLAS 2017) | 2017年 / 10695卷
基金
澳大利亚研究理事会;
关键词
D O I
10.1007/978-3-319-71237-6_4
中图分类号
TP301 [理论、方法];
学科分类号
081202 ;
摘要
This paper explores adding capabilities to Java with the objective of tightening security management for access to resources both within the Java Class Library and Java applications. Code can only access resources if it is given explicit capabilities, allowing replacement of the use of doPrivileged blocks. Capabilities provide restricted access to their implementing object - like an interface - but when a capability is created, it has a more restrictive dynamic type than its implementing object, and hence access to the full facilities of the implementing object (e.g. via down casting) are precluded. We used the Annotation Processing Tool to track the declaration and use of capabilities.
引用
收藏
页码:67 / 84
页数:18
相关论文
共 50 条
  • [31] Tracking linear and affine resources with JAVA']JAVA(X)
    Degen, Markus
    Thiemann, Peter
    Wehr, Stefan
    ECOOP 2007 - OBJECT-ORIENTED PROGRAMMING, PROCEEDINGS, 2007, 4609 : 550 - +
  • [32] COLONIAL CONTROL AND PEASANT RESOURCES IN JAVA']JAVA - VANSCHAIK,A
    HIGGINS, B
    BULLETIN OF INDONESIAN ECONOMIC STUDIES, 1990, 26 (01) : 137 - 141
  • [33] AES algorithm implemented for PDA secure communication with Java']Java
    Liu Niansheng
    Guo Donghui
    Huang Jiaxiang
    2007 INTERNATIONAL WORKSHOP ON ANTI-COUNTERFEITING, SECURITY, AND IDENTIFICATION, 2007, : 217 - +
  • [34] Secure execution of Java']Java applets using a remote playground
    Malkhi, D
    Reiter, MK
    IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 2000, 26 (12) : 1197 - 1209
  • [35] The Java']Java secure socket extensions - Authenticating and encrypting connections
    Angell, KW
    DR DOBBS JOURNAL, 2001, 26 (02): : 21 - +
  • [36] Tutorial: Principles and Practices of Secure Crypto Coding in Java']Java
    Rahaman, Sazzadur
    Meng, Na
    Yao, Danfeng
    2018 IEEE CYBERSECURITY DEVELOPMENT CONFERENCE (SECDEV 2018), 2018, : 122 - 123
  • [37] Towards secure downloadable executable content: The JAVA']JAVA paradigm
    Iliadis, J
    Gritzalis, S
    Oikonomou, V
    COMPUTER SAFETY, RELIABILITY AND SECURITY, 1998, 1516 : 117 - 127
  • [38] Secure execution of Java']Java applets using a remote playground
    Malkhi, D
    Reiter, MK
    Rubin, AD
    1998 IEEE SYMPOSIUM ON SECURITY AND PRIVACY - PROCEEDINGS, 1998, : 40 - 51
  • [39] Tutorial: Principles and Practices of Secure Cryptographic Coding in Java']Java
    Xiao, Ya
    Frantz, Miles
    Afrose, Sharmin
    Rahaman, Sazzadur
    Yao, Danfeng
    2020 IEEE SECURE DEVELOPMENT (SECDEV 2020), 2020, : 5 - 6
  • [40] Secure Residential Gateways OSGi services with Java']Java Cards
    Sanchez Sanchez, Juan Jesus
    Madrid, Natividad Martinez
    Seepold, Ralf
    CIRCUITS AND SYSTEMS FOR SIGNAL PROCESSING , INFORMATION AND COMMUNICATION TECHNOLOGIES, AND POWER SOURCES AND SYSTEMS, VOL 1 AND 2, PROCEEDINGS, 2006, : 832 - 835
12345