The Java virtual machine and the .NET common language runtime feature an access control mechanism specified operationally in terms of run-time stack inspection. We give a denotational semantics in "eager" form, and show that it is equivalent to the "lazy" semantics using stack inspection. We give a static analysis of safety, i.e., the absence of security errors, that is simpler than previous proposals. We identify several program transformations that can be used to remove run-time checks. We give complete, detailed proofs for safety of the analysis and for the transformations, exploiting compositionality of the eager semantics
This paper presents a static type system for JAVA Virtual Machine (JVM) code that enforces an access...
AbstractRuntime monitoring is an established technique to enforce a wide range of program safety and...
We present a new static analysis for reviewing the se-curity of libraries for systems, such as JVMs ...
The paper focuses on stack inspection, the access control mechanism implemented in Java and the CLR...
The paper focuses on stack inspection, the access control mechanism implemented in Java and the CLR...
Current implementations of Java make security decisions by searching the runtime call stack. These s...
Stack inspection is a security mechanism implemented in runtimes such as the JVM and the CLR to acco...
AbstractWe propose two control flow analyses for the Java bytecode. They safely approximate the set ...
We present a method to certify a subset of the Java bytecode, with respect to security. The method i...
Abstract. The security manager in Java 2 is a runtime access control mechanism. Whenever an access p...
This paper presents an approach to addressing the known weaknesses and security issues of JVM stack ...
A stack-based access control mechanism is to prevent untrusted codes from accessing protected resour...
Security is becoming a major issue in our highly networked and computerized era. Malicious code dete...
We present an approach enabling end-users to prove security properties of the Java bytecode by stati...
machine level: The Java Virtual Machine (JVM) is a language dependent abstract machine that is close...
This paper presents a static type system for JAVA Virtual Machine (JVM) code that enforces an access...
AbstractRuntime monitoring is an established technique to enforce a wide range of program safety and...
We present a new static analysis for reviewing the se-curity of libraries for systems, such as JVMs ...
The paper focuses on stack inspection, the access control mechanism implemented in Java and the CLR...
The paper focuses on stack inspection, the access control mechanism implemented in Java and the CLR...
Current implementations of Java make security decisions by searching the runtime call stack. These s...
Stack inspection is a security mechanism implemented in runtimes such as the JVM and the CLR to acco...
AbstractWe propose two control flow analyses for the Java bytecode. They safely approximate the set ...
We present a method to certify a subset of the Java bytecode, with respect to security. The method i...
Abstract. The security manager in Java 2 is a runtime access control mechanism. Whenever an access p...
This paper presents an approach to addressing the known weaknesses and security issues of JVM stack ...
A stack-based access control mechanism is to prevent untrusted codes from accessing protected resour...
Security is becoming a major issue in our highly networked and computerized era. Malicious code dete...
We present an approach enabling end-users to prove security properties of the Java bytecode by stati...
machine level: The Java Virtual Machine (JVM) is a language dependent abstract machine that is close...
This paper presents a static type system for JAVA Virtual Machine (JVM) code that enforces an access...
AbstractRuntime monitoring is an established technique to enforce a wide range of program safety and...
We present a new static analysis for reviewing the se-curity of libraries for systems, such as JVMs ...