A Simple Semantics and Static Analysis for Stack Inspection
Authors
Abstract
The Java virtual machine and the .NET common language runtime feature an access control mechanism specified operationally in terms of run-time stack inspection. We give a denotational semantics in “eager” form, and show that it is equivalent to the “lazy” semantics using stack inspection. We give a static analysis of safety, i.e., the absence of security errors, that is simpler than previous proposals. We identify several program transformations that can be used to remove run-time checks. We give complete, detailed proofs for safety of the analysis and for the transformations, exploiting compositionality of the eager semantics.
Similar resources
A Simple Semantics and Static Analysis for Java Security
Security in Java depends on an access control mechanism specified operationally in terms of run-time stack inspection. We give a denotational semantics in “eager” form, and show that it is equivalent to the “lazy” semantics using stack inspection. We give a static analysis of safety, i.e., the absence of security errors, that is significantly simpler than previous proposals. We identify several...
History-Based Access Control and Secure Information Flow
This paper addresses the problem of static checking of programs to ensure that they satisfy confidentiality policies in the presence of dynamic access control in the form of Abadi and Fournet’s history-based access control mechanism. The Java virtual machine’s permission-based stack inspection mechanism provides dynamic access control and is useful in protecting trusted callees from untrusted cal...
Reverse Engineering of Network Software Binary Codes for Identification of Syntax and Semantics of Protocol Messages
Reverse engineering of network applications, especially from the security point of view, is of high importance and interest. Many network applications use proprietary protocols whose specifications are not publicly available. Reverse engineering of such applications could provide us with vital information to understand their embedded unknown protocols. This could facilitate many tasks including d...
Inlining in the presence of Stack Inspection
We consider languages that use stack inspection as an access control mechanism, and concentrate on a specific optimization technique, namely method inlining. Based on the static analysis of [5], we specify when this optimization is possible, preserving the policy for access control associated with applications. Remarkably, our proposal works even in the presence of dynamic linking.
Static Analysis for Stack Inspection
We propose two control flow analyses for the Java bytecode. They safely approximate the set of permissions granted/denied to code at run-time. This static information helps optimizing the implementation of the stack inspection algorithm.
Publication date: 2013