Abstract
This article presents a static type system for Java Virtual Machine (JVM) code that enforces an access control mechanism similar to the one found in a Java implementation. In addition to verifying the type consistency of a given JVM program, the type system statically verifies that the program accesses only those resources that are granted by the prescribed access policy. The type system is proved sound with respect to an operational semantics that enforces access control dynamically, in the manner of Java stack inspection. This result ensures that "well-typed code cannot violate the access policy." We then develop a type inference algorithm and show that it is sound with respect to the type system. Together, these results allow a static system for JVM access control to be built without resorting to costly runtime stack inspection: once a program has passed the static check, the dynamic stack walk is redundant for it, which is why every method of the program must be checked before the runtime check can be dropped.
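To make the relationship between the dynamic and the static side concrete, the following is an added, deliberately simplified model written for this page; it is not the paper's type system or its JVM calculus, and all method and domain names in it are hypothetical. A program is a table of methods, each running in one protection domain; the dynamic semantics walks the call stack on every resource access the way Java's AccessController.checkPermission does, stopping at the frame that entered a doPrivileged call; the static side infers, per method, the set of resources a call to it demands of its callers' frames (an analogue of the paper's method types) and rejects methods whose demands exceed their domain's grants.

```python
"""Toy model: Java-style stack inspection versus a static effect check.

Added example, not the paper's system.  Instructions of a method body:
    ("access", resource)     need `resource` granted (checkPermission)
    ("call", method)         ordinary call
    ("privileged", method)   call made inside doPrivileged
"""


class AccessControlException(Exception):
    pass


# Constructed policy: protection domain -> granted resources (hypothetical).
POLICY = {
    "system": {"file.read", "net"},
    "applet": {"net"},
}

# Constructed program: method -> (domain, body).  Names are hypothetical.
PROGRAM = {
    "applet.main":    ("applet", [("call", "lib.readConfig"), ("call", "lib.log")]),
    "lib.readConfig": ("system", [("privileged", "lib.openFile")]),
    "lib.openFile":   ("system", [("access", "file.read")]),
    "lib.log":        ("system", [("access", "net")]),
    "applet.evil":    ("applet", [("call", "lib.openFile")]),
}


def run(program, policy, entry):
    """Dynamic semantics: execute `entry`, stack-walking at every access.

    Frames are [domain, privileged].  The walk goes from the top of the stack
    downwards, requires each frame's domain to grant the resource, and stops
    after the first frame that is currently inside a doPrivileged call.
    Returns the list of resources accessed, or raises AccessControlException.
    """
    stack, trace = [], []

    def check(resource):
        for domain, privileged in reversed(stack):
            if resource not in policy[domain]:
                raise AccessControlException(f"{domain} lacks {resource}")
            if privileged:
                return

    def exec_method(name):
        domain, body = program[name]
        stack.append([domain, False])
        for op, arg in body:
            if op == "access":
                check(arg)
                trace.append(arg)
            elif op == "call":
                exec_method(arg)
            elif op == "privileged":
                stack[-1][1] = True        # this frame is the doPrivileged caller
                exec_method(arg)
                stack[-1][1] = False
        stack.pop()

    exec_method(entry)
    return trace


def runs_cleanly(program, policy, entry):
    """True iff dynamic execution of `entry` passes every stack inspection."""
    try:
        run(program, policy, entry)
        return True
    except AccessControlException:
        return False


def infer_effects(program):
    """Static inference: eff[m] = resources a call to m demands of its callers.

    Accesses reached only through a privileged call are not propagated,
    because the dynamic walk stops at the privileged frame.  The least
    fixpoint over all methods handles (mutual) recursion.
    """
    eff = {m: set() for m in program}
    changed = True
    while changed:
        changed = False
        for name, (_, body) in program.items():
            new = set(eff[name])
            for op, arg in body:
                if op == "access":
                    new.add(arg)
                elif op == "call":
                    new |= eff[arg]
            if new != eff[name]:
                eff[name], changed = new, True
    return eff


def ill_typed(program, policy):
    """Methods the static check rejects.

    m in domain D is well typed iff eff[m] is granted by D (m's own frame is
    on the stack during those accesses) and, for every privileged call to m',
    eff[m'] is granted by D (the walk stops at m's frame, so D alone answers
    for what m' demands).  If this set is empty, run() never raises.
    """
    eff = infer_effects(program)
    bad = set()
    for name, (domain, body) in program.items():
        granted = policy[domain]
        if not eff[name] <= granted:
            bad.add(name)
        for op, arg in body:
            if op == "privileged" and not eff[arg] <= granted:
                bad.add(name)
    return bad
```

In this model `applet.main` is accepted and runs without a failed check, even though it indirectly reads a file, because `lib.readConfig` takes responsibility for that access through the privileged call and the `system` domain grants it. `applet.evil` reaches the same file access through an ordinary call, so the demand `file.read` propagates to a frame in the `applet` domain: the static check rejects the method, and the dynamic walk would throw at exactly that frame. The soundness argument is the one in the docstring of `ill_typed`, and it only holds for a program all of whose methods pass the check, which is the sense in which static verification lets the runtime walk be dropped.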