How to Break the Bank: Semantics of Capability Policies
作者: Sophia Drossopoulou , James Noble
DOI: 10.1007/978-3-319-10181-1_2
关键词:
摘要: The object capability model is a de-facto industry standard widely adopted for the implementation of secure software. We call policies enforced by programs using capabilities. Such tend to restrict objects and circumstances which may access services. In this paper we argue that should be made explicit written separately from code implementing them. also specification requires concepts go beyond features current languages. Moreover, need methodologies with prove adhere their as specified.
springer.com
sci-hub.st 参考文章(40)
Wei Xiong, Verification and validation of JavaScript Durham University. ,(2013)
Mark S. Miller, Tom Van Cutsem, Bill Tulloh, Distributed electronic rights in javascript european symposium on programming. pp. 1- 20 ,(2013) , 10.1007/978-3-642-37036-6_1
Benjamin S. Lerner, Liam Elberty, Neal Poole, Shriram Krishnamurthi, Verifying Web Browser Extensions’ Compliance with Private-Browsing Mode european symposium on research in computer security. pp. 57- 74 ,(2013) , 10.1007/978-3-642-40203-6_4
M. V. Wilkes, R. M. Needham, The Cambridge CAP computer and its operating system ,(1979)
Rezwana Karim, Mohan Dhawan, Vinod Ganapathy, Chung-chieh Shan, An Analysis of the Mozilla Jetpack Extension Framework ECOOP 2012 – Object-Oriented Programming. pp. 333- 355 ,(2012) , 10.1007/978-3-642-31057-7_16
Mark S. Miller, Chip Morningstar, Bill Frantz, Capability-Based Financial Instruments financial cryptography. pp. 349- 378 ,(2000) , 10.1007/3-540-45472-1_24
Spiridon Aristides Eliopoulos, Joe Gibbs Politz, Shriram Krishnamurthi, Arjun Guha, ADsafety: type-based verification of JavaScript Sandboxing usenix security symposium. pp. 12- 12 ,(2011)
Antoine Delignat-Lavaud, Karthikeyan Bhargavan, Sergio Maffeis, Language-based defenses against untrusted browser origins usenix security symposium. pp. 653- 670 ,(2013)
Alexander J. Summers, Sophia Drossopoulou, Peter Müller, The need for flexible object invariants International Workshop on Aliasing, Confinement and Ownership in Object-Oriented Programming - IWACO '09. pp. 6- ,(2009) , 10.1145/1562154.1562160
Joshua Guttman, Fabio Martinelli, Pierpaolo Degano, Formal Aspects in Security and Trust ,(2008)