
Encapsulating objects with confined types

Published: 1 October 2007

Abstract

Object-oriented languages provide little support for encapsulating objects. Reference semantics allows objects to escape their defining scope, and the pervasive aliasing that ensues remains a major source of software defects. This paper presents Kacheck/J, a tool for inferring object encapsulation properties of large Java programs. Our goal is to develop practical tools to assist software engineers, thus we focus on simple and scalable techniques. Kacheck/J is able to infer confinement—the property that all instances of a given type are encapsulated in their defining package. This simple property can be used to identify accidental leaks of sensitive objects, as well as for compiler optimizations. We report on the analysis of a large body of code and discuss language support and refactoring for confinement.
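The abstract's point is that package visibility alone does not encapsulate an object: a class that is not `public` can still have its instances escape the package, and the property the paper calls confinement is exactly that no instance ever does. The Java fragment below is an added illustration, not code from the paper or from Kacheck/J, and all package, class and method names in it are invented. It is spelled out as four source files (one per `// --- ... ---` header), since Java requires a file per public class and per package. The leaky facade hands a package-private `Secret` to outside code in three ways that javac accepts; the confined facade exposes only values derived from the secret, so the instance never crosses the package boundary.

```java
// --- vault/Secret.java ---
// Package-private class: the intent is that no Secret instance is ever
// reachable from code outside package 'vault'.
package vault;

final class Secret {
    private final byte[] key;

    Secret(byte[] key) {
        this.key = key.clone();          // defensive copy on the way in
    }

    byte[] key() {
        return key.clone();              // defensive copy on the way out
    }
}

// --- vault/LeakyVault.java ---
// Public facade. Each public member below hands a Secret to arbitrary
// callers even though Secret itself is not public.
package vault;

import java.util.ArrayList;
import java.util.List;
import java.util.function.Consumer;

public final class LeakyVault {
    private final Secret secret = new Secret(new byte[] {1, 2, 3, 4});

    // Leak 1: widening to Object. The static type no longer mentions Secret,
    // so javac accepts the signature, but the object that escapes is a Secret.
    public Object handle() {
        return secret;
    }

    // Leak 2: storing the instance in a public, unconfined container.
    public final List<Object> registry = new ArrayList<>();

    public void register() {
        registry.add(secret);
    }

    // Leak 3: passing the instance to caller-supplied code, which can
    // simply capture it.
    public void visit(Consumer<Object> visitor) {
        visitor.accept(secret);
    }
}

// --- vault/ConfinedVault.java ---
// Same facility, but the Secret never crosses the package boundary:
// only values computed from it do.
package vault;

import java.security.MessageDigest;

public final class ConfinedVault {
    private final Secret secret = new Secret(new byte[] {1, 2, 3, 4});

    public int keyLength() {
        return secret.key().length;
    }

    // Constant-time comparison against a caller-supplied candidate; the
    // caller learns a boolean, never the object.
    public boolean matches(byte[] candidate) {
        return MessageDigest.isEqual(secret.key(), candidate);
    }
}

// --- client/Main.java ---
// Code outside the package. It cannot even name 'vault.Secret', yet it
// ends up holding one.
package client;

import vault.LeakyVault;

public class Main {
    public static void main(String[] args) throws Exception {
        LeakyVault v = new LeakyVault();

        Object escaped = v.handle();
        System.out.println(escaped.getClass().getName());   // vault.Secret

        v.register();
        System.out.println(v.registry.get(0) == escaped);    // true: same instance

        Object[] captured = new Object[1];
        v.visit(o -> captured[0] = o);
        System.out.println(captured[0] == escaped);          // true

        // With the reference in hand, package-private access control is all
        // that remains, and on the class path (no module boundary) reflection
        // removes it.
        java.lang.reflect.Method key = escaped.getClass().getDeclaredMethod("key");
        key.setAccessible(true);
        System.out.println(java.util.Arrays.toString((byte[]) key.invoke(escaped)));
    }
}
```

Compile the four files with javac and run `client.Main`. An analysis that checks the abstract's property, that no instance of `Secret` is reachable outside `vault`, must reject all three public members of `LeakyVault` (the `Object` return type, the public `List<Object>` field, and the argument passed to a caller-supplied `Consumer`), while `ConfinedVault` passes because every public signature mentions only `int`, `boolean` and `byte[]`. Note that `Secret` already defends its own representation with defensive copies; that is a separate concern from confinement, which is about where the `Secret` object itself can travel.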


Published in

ACM Transactions on Programming Languages and Systems, Volume 29, Issue 6 (October 2007), 408 pages
ISSN: 0164-0925
EISSN: 1558-4593
DOI: 10.1145/1286821
Copyright © 2007 ACM
Publisher: Association for Computing Machinery, New York, NY, United States