Access Control Based on Execution History.

Authors: Cédric Fournet, Martín Abadi

Abstract: Security is a major, frequent concern in extensible software systems such as Java Virtual Machines and the Common Language Runtime. These systems aim to enable not only simple, classic applets but also, for example, distributed applications, Web services, and programmable networks, with appropriate security expectations. Accordingly, they feature elaborate constructs and mechanisms for associating rights with code, including a technique for determining the run-time rights of a piece of code as a function of the state of the execution stack. These stack-based mechanisms prevent many security holes, but they are inherently partial and have proved difficult to use reliably. We motivate and describe a new model for assigning rights to code: in short, rights are determined by examining the attributes of any pieces of code that have run (including their origins) and any explicit requests to augment rights. This history-based model addresses the same concerns as stack inspection while avoiding its pitfalls. We analyze the model in detail; in particular, we discuss its relation to stack-based policies and to those of underlying operating systems, and we consider implementation techniques. In support of the model, we also introduce and implement high-level constructs for security, which should be incorporated in libraries or (even better) in programming languages.
