Java vulnerability analysis with JAPCT: java access permission checking tree
نویسندگان
چکیده
منابع مشابه
Bytecode Analysis for Checking Java Access Modifiers
The access modifiers for Java are a mechanism for information hiding and therefore especially important for large projects. An access modifier that is too restrictive is reported as a compilation error. An access modifier that could be more restrictive is however not reported at all. On the long run, changes to a project lead to less restrictive modifiers, if the programmer does not actively wo...
متن کاملJava Model Checking
This paper presents initial results in model checking multi-threaded Java programs. Java programs are translated into the SAL (Symbolic Analysis Laboratory) intermediate language, which supports dynamic constructs such as object instantiations and thread call stacks. The SAL model checker then exhaustively checks the program description for deadlocks and assertion failures. Basic model checking...
متن کاملChecking Access to Protected Members in the Java Virtual Machine
This paper studies in detail how to correctly and efficiently check access to protected members in the Java Virtual Machine. This aspect of type safety is not explained in the official specification and, to the author’s knowledge, has been completely neglected in the research literature. Nonetheless, it is a subtle aspect that is not straightforward to implement correctly, as evidenced by the p...
متن کاملVisualization of Permission Checks in Java Using Static Analysis
The security manager in Java 2 is a runtime access control mechanism. Whenever an access permission to critical resources is requested, the security manager inspects a call stack to examine whether the program has appropriate access permissions or not. This run-time permission check called stack inspection enforces access-control policies that associate access rights with the class that initiat...
متن کاملProbabilistic Model Checking with Java PathFinder?
On the one hand, probabilistic model checkers such as PRISM [1] have been successfully employed to verify models of probabilistic systems. However, they are not suitable for checking properties such as uncaught exceptions of the actual code of the system. On the other hand, model checkers such as Java PathFinder (JPF) [2] have been used with success to verify actual code of systems. However, th...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
ژورنال
عنوان ژورنال: Contemporary Engineering Sciences
سال: 2014
ISSN: 1314-7641
DOI: 10.12988/ces.2014.49170