IRM enforcement of Java']Java stack inspection

被引：103

作者：

Erlingsson, U ^{[1
]}

Schneider, FB ^{[1
]}

机构：

[1] DeCODE Genet, IS-110 Reykjavik, Iceland

来源：

2000 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, PROCEEDINGS | 2000年

关键词：

D O I：

10.1109/SECPRI.2000.848461

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Two implementations are given for Java's stack-inspection access-control policy. Each implementation is obtained by generating an inlined reference monitor (IRM) for a different formulation of the policy. Performance of the implementations is evaluated and one is found to be competitive with Java's less-flexible, JVM-resident implementation. The exercise illustrates the power of the IRM approach fbr enforcing security policies.

引用

页码：246 / 255

页数：10

共 18 条

[1]

ANDERSON JP, 1972, ESDTR7351, V2, P58

[2]

BAIRDSMITH A, 1996, JIGSAW OBJECT ORIENT

[3]

Cohen GA, 1998, PROCEEDINGS OF THE USENIX 1998 ANNUAL TECHNICAL CONFERENCE, P167

[4]

ERLINGSSON U, 2000, TR20001786

[5]

Erlingsson U., 1999, P 1999 NEW SEC PAR W

[6]

ERLINGSSON U, 2000, THESIS CORNELL U ITH

[7] Flexible policy-directed code safety [J].

Evans, D ;

Twyman, A .

PROCEEDINGS OF THE 1999 IEEE SYMPOSIUM ON SECURITY AND PRIVACY, 1999, :32-45

[8]

FRASER T, 1999, P IEEE S SEC PRIV OA

[9]

GONG L., 1999, INSIDE JAVA 2 PLATFO

[10]

GOSLING J, 1996, JAVA LANGUAGE SPECIF

← 1 2 →