LJGS: Gradual Security Types for Object-Oriented Languages
Authors
Abstract
LJGS is a lightweight Java core calculus with a gradual security type system. The calculus guarantees secure information flow for sequential, class-based, typed object-oriented programming with mutable objects and virtual method calls. An LJGS program is composed of fragments that are checked either statically or dynamically. Statically checked fragments adhere to a security type system so that they incur no run-time penalty whereas dynamically checked fragments rely on run-time security labels. The programmer marks the boundaries between static and dynamic checking with casts so that it is always clear whether a program fragment requires run-time checks. LJGS requires security annotations on fields and methods. A field annotation either specifies a fixed static security level or it prescribes dynamic checking. A method annotation specifies a constrained polymorphic security signature. The types of local variables in method bodies are analyzed flow-sensitively and require no annotation. The dynamic checking of fields relies on a static points-to analysis to approximate implicit flows. We prove type soundness and non-interference for LJGS.
1998 ACM Subject Classification: D4.6. Security and Protection
Similar resources
LJGS: Gradual Security Types for Object-Oriented Languages (Artifact)
JGS-check is the accompanying artifact to “LJGS: Gradual Security Types for Object-Oriented Languages”. LJGS is a Java-like language with gradual security typing. It features a constraint based information flow type system that includes a type dynamic and type casts. Dynamically typed fragments are liberally accepted by the type checker and rely on run-time enforcement for security. JGScheck is...
Confined Types
Sharing and transfer of object references is difficult to control in object-oriented languages. Unconstrained sharing poses serious problems for writing secure components in object-oriented languages. In this paper, we present a set of inexpensive syntactic constraints that strengthen encapsulation in object-oriented programs and facilitate the implementation of secure systems. We introduce two ...
Gradual Typing with Efficient Object Casts
Gradual type systems meld dynamic typing with optional static types, moderating between the two with statically inserted casts. Casting is the éminence grise of such systems — it enables swift detection of type errors in dynamic code without enforcing runtime checks throughout a program, and in combination with blame tracking it allows such errors to be traced to their origin. However, such cas...
1 Programmable Security for Object-Oriented Systems
This paper focuses on "programmable security" for object-oriented systems and languages. A primitive distributed object model is used to capture the essence of object behavior and access control schemes. This model can be used to construct virtually any distributed object language or system while supporting a spectrum of decentralized authorization models.
Object-oriented Data Bases
INTRODUCTION Object-oriented (OO) programming languages and OO analysis and design techniques influence data base systems design and development. The inevitable result is the object-oriented data base management system (OODBMS). Many of the established data base vendors are incorporating object-oriented concepts into their products in an effort to facilitate data base design and development in t...