Current implementations of Java make security decisions by searching the runtime call stack. These systems have attractive security properties, but they have been criticized as being dependent on specific artifacts of the Java implementation. This paper models the stack inspection algorithm in terms of a well-understood logic for access control and demonstrates how stack inspection is a useful tool for expressing and managing complex trust relationships. We show that an access control decision based on stack inspection corresponds to the construction of a proof in the logic, and we present an efficient decision procedure for generating these proofs. By examining the decision procedure, we demonstrate that many statements in the logic are eq...
Abstract. The security manager in Java 2 is a runtime access control mechanism. Whenever an access p...
Abstract. The Java security architecture in the Java Development Kit 1.2 expands the current Java sa...
Two implementations are given for Java's stack-inspection access-control policy. Each implementatio...
The Java virtual machine and the .NET common language runtime feature an access control mechanism sp...
The paper focuses on stack inspection, the access control mechanism implemented in Java and the CLR...
The paper focuses on stack inspection, the access control mechanism implemented in Java and the CLR...
Stack inspection is a security mechanism implemented in runtimes such as the JVM and the CLR to acco...
A stack-based access control mechanism is to prevent untrusted codes from accessing protected resour...
Java development kit 1.2 provides a runtime access control mechanism which inspects a control stack ...
Computer security has become a crucial issue in recent years. More than ever, computer scientists, d...
We present an approach enabling end-users to prove security properties of the Java bytecode by stati...
While the Java runtime is installed on billions of devices and servers worldwide, it remains a prima...
We present a method to certify a subset of the Java bytecode, with respect to security. The method i...
. The Java security architecture in the Java Development Kit 1.2 expands the current Java sandbox mo...
AbstractWe propose two control flow analyses for the Java bytecode. They safely approximate the set ...
Abstract. The security manager in Java 2 is a runtime access control mechanism. Whenever an access p...
Abstract. The Java security architecture in the Java Development Kit 1.2 expands the current Java sa...
Two implementations are given for Java's stack-inspection access-control policy. Each implementatio...
The Java virtual machine and the .NET common language runtime feature an access control mechanism sp...
The paper focuses on stack inspection, the access control mechanism implemented in Java and the CLR...
The paper focuses on stack inspection, the access control mechanism implemented in Java and the CLR...
Stack inspection is a security mechanism implemented in runtimes such as the JVM and the CLR to acco...
A stack-based access control mechanism is to prevent untrusted codes from accessing protected resour...
Java development kit 1.2 provides a runtime access control mechanism which inspects a control stack ...
Computer security has become a crucial issue in recent years. More than ever, computer scientists, d...
We present an approach enabling end-users to prove security properties of the Java bytecode by stati...
While the Java runtime is installed on billions of devices and servers worldwide, it remains a prima...
We present a method to certify a subset of the Java bytecode, with respect to security. The method i...
. The Java security architecture in the Java Development Kit 1.2 expands the current Java sandbox mo...
AbstractWe propose two control flow analyses for the Java bytecode. They safely approximate the set ...
Abstract. The security manager in Java 2 is a runtime access control mechanism. Whenever an access p...
Abstract. The Java security architecture in the Java Development Kit 1.2 expands the current Java sa...
Two implementations are given for Java's stack-inspection access-control policy. Each implementatio...