Sciweavers

CSFW
2004
IEEE

From Stack Inspection to Access Control: A Security Analysis for Libraries

14 years 4 months ago
From Stack Inspection to Access Control: A Security Analysis for Libraries
We present a new static analysis for reviewing the security of libraries for systems, such as JVMs or the CLR, that rely on stack inspection for access control. We describe its implementation for the CLR. Our tool inputs a set of libraries plus a description of the permissions granted to unknown, potentially hostile code. It constructs a permissionsensitive call graph, which can be queried to identify potential security defects. It has been applied to large pre-existing libraries. We also develop a new formal model of the essentials of access control in the CLR (types, classes and inheritance, access modifiers, permissions, and stack inspection). In this model, we state and prove the correctness of the analysis.
Frédéric Besson, Tomasz Blanc, C&eac
Added 20 Aug 2010
Updated 20 Aug 2010
Type Conference
Year 2004
Where CSFW
Authors Frédéric Besson, Tomasz Blanc, Cédric Fournet, Andrew D. Gordon
Comments (0)