Sciweavers

CL
2010
Springer

Isolating untrusted software extensions by custom scoping rules

14 years 16 days ago
Isolating untrusted software extensions by custom scoping rules
In a modern programming language, scoping rules determine the visibility of names in various regions of a program [15]. In this work, we examine the idea of allowing an application developer to customize the scoping rules of its underlying language. We demonstrate that such an ability can serve as the cornerstone of a security architecture for dynamically extensible systems. A run-time module system, ISOMOD, is proposed for the Java platform to facilitate software isolation. A core application may create namespaces dynamically and impose arbitrary name visibility policies (i.e., scoping rules) to control whether a name is visible, to whom it is visible, and in what way it can be accessed. Because ISOMOD exercises name visibility control at load time, loaded code runs at full speed. Furthermore, because ISOMOD access control policies are maintained separately, they evolve independently from core application code. In addition, the ISOMOD policy language provides a declarative means for ...
Philip W. L. Fong, Simon A. Orr
Added 09 Dec 2010
Updated 09 Dec 2010
Type Journal
Year 2010
Where CL
Authors Philip W. L. Fong, Simon A. Orr
Comments (0)