Sharing and transfer of references is difficult to control in object-oriented languages. As information security is increasingly becoming software dependent, this difficulty poses serious problems for writing secure components. In this paper, we present a set of inexpensive syntactic constraints that strengthen encapsulation in object-oriented programs and facilitate the implementation of secure systems. We introduce two mechanisms: confined types to impose static scoping on dynamic object references and anonymous methods which do not reveal the identity of the current instance (this). Confined types protect objects from use by untrusted code, while anonymous methods allow standard classes to be reused from confined classes. We have impleme...
Capabilities are used to control access to system resources. In modern programming languages that ex...
It is essential for security to be able to isolate mistrusting programs from one another, and to pro...
International audienceSun and the CERT recommend for secure Java development to not allow partially ...
The language-based approach to security employs programming language technologies to construct secur...
Abstract Confined types enforce a form of encapsulation stronger than what the standard Java typesys...
Confinement is used to prohibit safety-critical objects from unintended access. Approaches for speci...
Confinement is required in object-oriented programming in order to protect sensitive object referenc...
Existing approaches to object encapsulation either rely on ad hoc syntactic restrictions or require ...
We consider a sequential object-oriented language with pointers and mutable state, private fields an...
Existing approaches to object encapsulation either rely on ad hoc syntactic restrictions or require ...
Many secure applications are emerging using the Java TM language and running on the Java platform....
Confinement properties impose a structure on object graphs which can be used to enforce encapsulatio...
International audienceExchanging mutable data objects with untrusted code is a delicate matter becau...
Capabilities are used to control access to system resources. In modern programming languages that ex...
International audienceExchanging mutable data objects with untrusted code is a delicate matter becau...
Capabilities are used to control access to system resources. In modern programming languages that ex...
It is essential for security to be able to isolate mistrusting programs from one another, and to pro...
International audienceSun and the CERT recommend for secure Java development to not allow partially ...
The language-based approach to security employs programming language technologies to construct secur...
Abstract Confined types enforce a form of encapsulation stronger than what the standard Java typesys...
Confinement is used to prohibit safety-critical objects from unintended access. Approaches for speci...
Confinement is required in object-oriented programming in order to protect sensitive object referenc...
Existing approaches to object encapsulation either rely on ad hoc syntactic restrictions or require ...
We consider a sequential object-oriented language with pointers and mutable state, private fields an...
Existing approaches to object encapsulation either rely on ad hoc syntactic restrictions or require ...
Many secure applications are emerging using the Java TM language and running on the Java platform....
Confinement properties impose a structure on object graphs which can be used to enforce encapsulatio...
International audienceExchanging mutable data objects with untrusted code is a delicate matter becau...
Capabilities are used to control access to system resources. In modern programming languages that ex...
International audienceExchanging mutable data objects with untrusted code is a delicate matter becau...
Capabilities are used to control access to system resources. In modern programming languages that ex...
It is essential for security to be able to isolate mistrusting programs from one another, and to pro...
International audienceSun and the CERT recommend for secure Java development to not allow partially ...