Understanding Java Stack Inspection
Date : 12/04/2014
Author Information
Uploaded by : Mohit
Uploaded on : 12/04/2014
Subject : Java
Current implementations of Java make security decisions
by searching the runtime call stack. These systems have
attractive security properties, but they have been criticized
as being dependent on specific artifacts of the Java implementation.
This paper models the stack inspection algorithm in
terms of a well-understood logic for access control and
demonstrates how stack inspection is a useful tool for expressing
and managing complex trust relationships. We
show that an access control decision based on stack inspection
corresponds to the construction of a proof in the
logic, and we present an efficient decision procedure for
generating these proofs.
By examining the decision procedure, we demonstrate
that many statements in the logic are equivalent and can
thus be expressed in a simpler form. We show that there
are a finite number of such statements, allowing us to represent
the security state of the system as a pushdown automaton.
We also show that this automaton may be embedded
in Java by rewriting all Java classes to pass an additional
argument when a procedure is invoked. We call
this security-passing style and describe its benefits over
previous stack inspection systems. Finally, we show how
the logic allows us to describe a straightforward design for
extending stack inspection across remote procedure calls.
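
Security-passing style as described above, sketched as an added example (not code from the paper or from this page): the security state travels as an extra argument on every call instead of being recovered by a stack walk. The `Sec` record, the permission names, the sample paths and the enable/check semantics are simplifying assumptions.

```java
import java.util.HashSet;
import java.util.Set;
import java.util.function.Supplier;

// Added example: simplified model; names and semantics are assumptions.
public class SecurityPassingDemo {
    // Constructed grants for two hypothetical code sources.
    static final Set<String> SYSTEM = Set.of("file.read", "net.connect");
    static final Set<String> APPLET = Set.of("net.connect");

    // The extra argument: the privileges a stack walk from here would allow.
    record Sec(Set<String> granted, Set<String> effective) {
        // Calling into code with grants g: effective set is intersected with g.
        Sec enter(Set<String> g) {
            Set<String> e = new HashSet<>(effective);
            e.retainAll(g);
            return new Sec(g, e);
        }
        // Enabling a privilege only works if the current code was granted it.
        Sec enable(String p) {
            if (!granted.contains(p)) return this;
            Set<String> e = new HashSet<>(effective);
            e.add(p);
            return new Sec(granted, e);
        }
        // Decision is a set lookup on the passed state; no stack walk.
        void check(String p) {
            if (!effective.contains(p)) throw new SecurityException("denied: " + p);
        }
    }

    // "Rewritten" system methods take Sec as an additional first argument.
    static String readFile(Sec caller, String path) {
        caller.enter(SYSTEM).check("file.read");
        return "contents of " + path;
    }
    static String loadFont(Sec caller) { // trusted entry point that enables
        Sec s = caller.enter(SYSTEM).enable("file.read");
        return readFile(s, "/fonts/default.ttf");
    }
    static String tryCall(Supplier<String> f) {
        try { return f.get(); } catch (SecurityException e) { return e.getMessage(); }
    }
    public static void main(String[] args) {
        Sec applet = new Sec(Set.of(), Set.of()).enter(APPLET);
        System.out.println(tryCall(() -> readFile(applet, "/home/user/notes.txt")));
        System.out.println(tryCall(() -> readFile(applet.enable("file.read"), "/home/user/notes.txt")));
        System.out.println(tryCall(() -> loadFont(applet)));
    }
}
```

Because each `Sec` value is immutable, a caller's state is unchanged when a callee returns, which is what popping a stack frame achieves in the stack-walking design.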