Affiliation:
1. Microsoft Research, Cambridge, United Kingdom
Abstract
Stack inspection is a security mechanism implemented in runtimes such as the JVM and the CLR to accommodate components with diverse levels of trust. Although stack inspection enables the fine-grained expression of access control policies, it has rather a complex and subtle semantics. We present a formal semantics and an equational theory to explain how stack inspection affects program behavior and code optimisations. We discuss the security properties enforced by stack inspection, and also consider variants with stronger, simpler properties.
Publisher
Association for Computing Machinery (ACM)
Cited by
34 articles.
1. Hardening Java’s Access Control by Abolishing Implicit Privilege Elevation;2017 IEEE Symposium on Security and Privacy (SP);2017-05
2. Checking global usage of resources handled with local policies;Science of Computer Programming;2017-01
3. Model checking usage policies;Mathematical Structures in Computer Science;2014-11-10
4. A Simple Semantics and Static Analysis for Stack Inspection;Electronic Proceedings in Theoretical Computer Science;2013-09-19
5. The functionality-based application confinement model;International Journal of Information Security;2013-05-12