A static type system for JVM access control

Higuchi, Tomoyuki; Ohori, Atsushi

doi:10.1145/944705.944726

Cited by 9 publications

(14 citation statements)

References 27 publications

(35 reference statements)

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Type-preservation is shown trivially by erasing liveness and register attributes, and merging the memory and register contexts of each sequent. We also believe that our method can be combined with other static veriÿcation systems for low-level code such as a static type system for access control [8].…”

Section: Conclusion and Discussionmentioning

confidence: 99%

Register allocation by proof transformation

Ohori

2004

Science of Computer Programming

Self Cite

View full text Add to dashboard Cite

This paper presents a proof-theoretical framework that accounts for the entire process of register allocation-liveness analysis is proof reconstruction (similar to type inference), and register allocation is proof transformation from a proof system with unrestricted variable accesses to a proof system with restricted variable access. In our framework, the set of registers acts as a "working set" of the live variables at each instruction step, which changes during the execution of the code. This eliminates the ad hoc notion of "spilling". Memory-register moves are systematically incorporated in our proof transformation process. Its correctness is a direct corollary of our construction; the resulting proof is equivalent to the proof of the original code modulo treatment of structural rules. The framework serves as a basis for reasoning about formal properties of register allocation process, and it also yields a clean and systematic register allocation algorithm. The algorithm has been implemented, demonstrating the feasibility of the framework.

show abstract

Section: Conclusion and Discussionmentioning

confidence: 99%

Register allocation by proof transformation

Ohori

2004

Science of Computer Programming

Self Cite

View full text Add to dashboard Cite

show abstract

“…(3) A polymorphic constraint type system, combined with a novel technique called reification, provides a modular solution, that does not require re-computation of types when new classes are linked. (4) Through the use of parametric polymorphism, our analysis is more complete than existing type systems for JVM access control such as [14].…”

Section: Requirements For a Solutionmentioning

confidence: 99%

“…Linking of a class C in the JVM implies bytecode verification of C, and general preparation of C for execution [14], e.g. resolution of references.…”

Section: Linking and Type Reificationmentioning

confidence: 99%

“…But any version of the run method may be dynamically dispatched at this point, and more than one version may exist. Previous authors [14] have proposed an approach whereby the effect of m is approximated as the join of the effects of all known versions of run. A scheme for verifying linked classes is also outlined by those authors, whereby the effects of new versions of run must be contained in that join.…”

Section: Linking and Type Reificationmentioning

confidence: 99%

“…It is argued that static verification of stack inspection promotes program efficiency and understanding, and provides a more eager approach to security. However, despite this body of work, only one group has studied static enforcement of stack inspection for Java bytecodes [13,14], and none have thoroughly considered how to integrate their analyses with dynamic linking and loading in the JVM. But to be practical, it is obviously necessary for any analysis to be applicable to the language model where stack inspection is employed, so a consideration of the problem of dynamic linking and loading is essential.…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

Type safe dynamic linking for JVM access control

Skalka

2007

Proceedings of the 9th ACM SIGPLAN International Conference on Principles and Practice of Declarative Programming

View full text Add to dashboard Cite

The Java JDK security model provides an access control mechanism for the JVM based on dynamic stack inspection. Previous results have shown how stack inspection can be enforced at compile time via whole-program type analysis, but features of the JVM present significant remaining technical challenges. For instance, dynamic dispatch at the bytecode level requires special consideration to ensure flexibility in typing. Even more problematic is dynamic class loading and linking, which disallow a purely static analysis in principle, though the intended applications of the JDK exploit these features. We propose an extension to existing bytecode verification, that enforces stack inspection at link time, without imposing new restrictions on the JVM class loading and linking mechanism. Our solution is more flexible than existing type based approaches, and establishes a formal type safety result for bytecode-level access control in the presence of dynamic class linking.

show abstract

Formal Methods for Smartcard Security

Barthe

Dufay

2005

Foundations of Security Analysis and Design III

View full text Add to dashboard Cite

Abstract. Smartcards are trusted personal devices designed to store and process confidential data, and to act as secure tokens for providing access to applications and services. Smartcards are widely deployed and their usage spans over several application domains including banking, telecommunications, and identity.Open platform smartcards are new generation trusted personal devices with increased flexibility. Such devices, which benefit of increased connectivity and increased interoperability, can host several applets and allow new applets to be loaded post-issuance. Such an increased flexibility raises concerns about the possibility of logical attacks that could affect a very large number of devices, and requires the development of techniques and tools that can be used to increase the reliability of platforms and applications for trusted personal devices. The objective of this chapter is to describe some applications of formal methods to increase the reliability of smartcards and trusted personal devices.

show abstract

A static type system for JVM access control

Cited by 9 publications

References 27 publications

Register allocation by proof transformation

Register allocation by proof transformation

Type safe dynamic linking for JVM access control

Formal Methods for Smartcard Security

Contact Info

Product

Resources

About