Securing Class Initialization
نویسندگان
چکیده
Language-based information-flow security is concerned with specifying and enforcing security policies for information flow via language constructs. Although much progress has been made on understanding information flow in object-oriented programs, the impact of class initialization on information flow has been so far largely unexplored. This paper turns the spotlight on security implications of class initialization. We discuss the subtleties of information propagation when classes are initialized and propose a formalization that illustrates how to track information flow in presence of class initialization by a type-andeffect system for a simple language. We show how to extend the formalization to a language with exception handling.
منابع مشابه
Certification and Authentication Services for Securing MANET Routing Protocols
In this paper, we describe a new authentication service for securing mobile ad hoc network (MANET) routing protocols. A MANET authentication extension (MAE) is appended to each routing protocol message. Our design includes a self-organized certification service, adapted from [6] with the following improvements: appropriated initialization, correcting vulnerabilities in the original design; loca...
متن کاملEager Class Initialization for Java
We describe a static analysis method on Java bytecode to determine class initialization dependencies This method can be used for eager class loading and initialization It catches many initialization circularities that are missed by the standard lazy implementation Except for contrived examples the computed initialization order gives the same results as standard lazy initialization
متن کاملThe Role of Physical Layer Security in IoT: A Novel Perspective
This paper deals with the problem of securing the configuration phase of an Internet of Things (IoT) system. The main drawbacks of current approaches are the focus on specific techniques and methods, and the lack of a cross layer vision of the problem. In a smart environment, each IoT device has limited resources and is often battery operated with limited capabilities (e.g., no keyboard). As a ...
متن کاملHighly reliable trust establishment scheme in ad hoc networks
Securing ad hoc networks in a fully self-organized way is effective and light-weight, but fails to accomplish trust initialization in many trust deficient scenarios. To overcome this problem, this paper aims at building well established trust relationships in ad hoc networks without relying on any pre-defined assumption. We propose a probabilistic solution based on distributed trust model. A se...
متن کاملInitialization problems for Java
We exhibit a grey area in the speciication of Java and of its implementation through the Java Virtual Machine (JVM): the treatment of initialization of classes and interfaces. We report the result of our experiments with diierent implementations of Java, which connrm the theoretical prediction of our work on mathematical models for Java 4] and the JVM 3], namely that the designers of Java and t...
متن کامل