Sciweavers

ESORICS
2000
Springer

Using Reflection as a Mechanism for Enforcing Security Policies in Mobile Code

14 years 3 months ago
Using Reflection as a Mechanism for Enforcing Security Policies in Mobile Code
Several authors have proposed using code modification as a technique for enforcing security policies such as resource limits, access controls, and network information flows. However, these approaches are typically ad hoc implemented without a high level abstract framework for code modification. We propose using reflection hanism for implementing code modifications within an abstract framework based on the semantics of the underlying programming language. We have developed a reflective version of Java called Kava that uses byte-code rewriting techniques to insert pre-defined hooks into Java class files at load time. This makes it possible to specify ement security policies for mobile code in a more abstract and flexible way. Our mechanism could be used as a more principled way of enforcing some of the existing security policies described in the literature. The advantages of our approach over related work (SASI, JRes, etc.) are that we can guarantee that our security mechanisms cannot be...
Ian Welch, Robert J. Stroud
Added 24 Aug 2010
Updated 24 Aug 2010
Type Conference
Year 2000
Where ESORICS
Authors Ian Welch, Robert J. Stroud
Comments (0)