Skip to main content
Disciplines
Automotive Business IT + Informatics Construction + Real Estate Electrical Engineering + Electronics Energy + Sustainability Insurance + Risk Finance + Banking Management + Leadership Marketing + Sales Mechanical Engineering + Materials
Events
DE
EN
Books
Journals
Topic Page
Marketing
Start single access now
Access for companies
EXTENDED SEARCH
Log in
Top
Published in:
Programming by Examples: PL Meets ML Read chapter Read first chapter

2017 | OriginalPaper | Chapter

Capabilities for Java: Secure Access to Resources

Authors : Ian J. Hayes, Xi Wu, Larissa A. Meinicke

Published in: Programming Languages and Systems

Publisher: Springer International Publishing

Log in

Activate our intelligent search to find suitable subject content or patents.

search-config
loading …

Abstract

This paper explores adding capabilities to Java with the objective of tightening security management for access to resources both within the Java Class Library and Java applications. Code can only access resources if it is given explicit capabilities, allowing replacement of the use of doPrivileged blocks. Capabilities provide restricted access to their implementing object – like an interface – but when a capability is created, it has a more restrictive dynamic type than its implementing object, and hence access to the full facilities of the implementing object (e.g. via down casting) are precluded. We used the Annotation Processing Tool to track the declaration and use of capabilities.

Dont have a licence yet? Then find out more about our products and how to get one now:

Springer Professional "Wirtschaft+Technik"

Online-Abonnement

Mit Springer Professional "Wirtschaft+Technik" erhalten Sie Zugriff auf:

  • über 102.000 Bücher
  • über 537 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Maschinenbau + Werkstoffe
  • Versicherung + Risiko

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Technik"

Online-Abonnement

Mit Springer Professional "Technik" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 390 Zeitschriften

aus folgenden Fachgebieten:

  • Automobil + Motoren
  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Elektrotechnik + Elektronik
  • Energie + Nachhaltigkeit
  • Maschinenbau + Werkstoffe




 

Jetzt Wissensvorsprung sichern!

inform now

Springer Professional "Wirtschaft"

Online-Abonnement

Mit Springer Professional "Wirtschaft" erhalten Sie Zugriff auf:

  • über 67.000 Bücher
  • über 340 Zeitschriften

aus folgenden Fachgebieten:

  • Bauwesen + Immobilien
  • Business IT + Informatik
  • Finance + Banking
  • Management + Führung
  • Marketing + Vertrieb
  • Versicherung + Risiko




Jetzt Wissensvorsprung sichern!

inform now
previous chapter Taming Message-Passing Communication in Compositional Reasoning About Confidentiality
next chapter Enforcing Programming Guidelines with Region Types and Effects
Literature
1.
2.
Cifuentes, C., Gross, A., Keynes, N.: Understanding caller-sensitive method vulnerabilities: a class of access control vulnerabilities in the Java platform. In: Proceedings of the 4th ACM SIGPLAN International Workshop on State Of the Art in Program Analysis, SOAP@PLDI 2015, pp. 7–12. ACM (2015)
3.
Clebsch, S., Drossopoulou, S., Blessing, S., McNeil, A.: Deny capabilities for safe, fast actors. In: Proceedings of the 5th International Workshop on Programming Based on Actors, Agents, and Decentralized Control, AGERE! 2015, pp. 1–12. ACM (2015)
4.
Gong, L., Ellison, G., Dageforde, M.: Inside Java 2 Platform Security: Architecture, API Design, and Implementation, 2nd edn. Addison Wesley (2003)
5.
6.
7.
Haller, P., Loiko, A.: LaCaSa: lightweight affinity and object capabilities in scala. In: Proceedings of the ACM SIGPLAN International Conference on Object-Oriented Programming, Systems, Languages, and Applications, OOPSLA 2016, Part of SPLASH 2016, pp. 272–291. ACM (2016)
8.
Hermann, B., Reif, M., Eichberg, M., Mezini, M.: Getting to know you: towards a capability model for Java. In: Proceedings of the 10th Joint Meeting on Foundations of Software Engineering, ESEC/FSE 2015, pp. 758–769. ACM (2015)
9.
10.
11.
12.
Mettler, A., Wagner, D.: The Joe-E language specification, Version 1.0. Technical report EECS-2008-91, University of California, Berkeley, August 2008
13.
Mettler, A., Wagner, D., Close, T.: Joe-E: a security-oriented subset of Java. In: Proceedings of the Symposium on Network and Distributed System Security, NDSS 2010. The Internet Society (2010)
14.
Miller, M.S.: Robust composition: towards a unified approach to access control and concurrency control. Ph.D. thesis, Johns Hopkins University (2006)
15.
16.
Moore, S., Dimoulas, C., King, D., Chong, S.: SHILL: a secure shell scripting language. In: Proceedings of the 11th USENIX Symposium on Operating Systems Design and Implementation, OSDI 2014, pp. 183–199. USENIX Association (2014)
17.
18.
19.
Metadata
Title
Capabilities for Java: Secure Access to Resources
Authors
Ian J. Hayes
Xi Wu
Larissa A. Meinicke
Copyright Year
2017
Book
Programming Languages and Systems

Print ISBN: 978-3-319-71236-9

Electronic ISBN: 978-3-319-71237-6

Copyright Year: 2017

DOI
https://doi.org/10.1007/978-3-319-71237-6_4

Premium Partner

    Image Credits