Reflections on MOPs, Components, and Java Security
نویسندگان
چکیده
This article investigates the security issues raised by the use of meta-programming systems with Java. For each possible type of MOP (compile-time, load-time, etc.), we study the permissions required for both the base and the meta-level protection domains, taking into account the flow of control between the different parts of the application. We show that the choice of a particular MOP architecture has a strong impact on security issues. Assuming a component-based architecture with code from various origins having different levels of trust, we establish a set of rules for combining the permissions associated with each protection domain (integration, base-level, meta-level, etc.).
منابع مشابه
A Simple Security-Aware MOP for Java
This article investigates the security problems raised by the use of proxy based runtime meta object protocols MOPs for Java and provides an approach for making meta level code transparent to base level code security wise We prove that but giving all permissions only to the kernel of the MOP and by using Java s built in mechanism for propagating security contexts the permissions required by bas...
متن کاملComposition of Meta-objects in Guaran a Composition of Meta-objects in Guaran A
There are meta-object protocols (MOPs) that do not provide support for meta-object composition. Others require explicit modii-cation of existing meta-level code or provide a limited delegation mechanism in order to support it. There is much room for improvement in this eld. The MOP of Guaran a favors the development of meta-objects that can be easily composed. Composers are meta-objects that de...
متن کاملComposition of Meta - Objects in Guaran a
There are meta-object protocols (MOPs) that do not provide support for meta-object composition. Others require explicit modi cation of existing meta-level code or provide a limited delegation mechanism in order to support it. There is much room for improvement in this eld. The MOP of Guaran a favors the development of meta-objects that can be easily composed. Composers are meta-objects that de ...
متن کاملThere's Something Stuck In My Shoe! Reflections on the adoption of fine and course grained authorization frameworks
A usable system has many layers. There is the end-users’ experience through web sites, interactive voice response systems, ATMs, etc. Below these interfaces are the tools and technologies to create and operate these systems. Security of deployed systems is often dependent on the functionality and usability of these underlying technologies. This paper focuses on usability issues surrounding thes...
متن کاملA Generic Reification Technique for Object-Oriented Reflective Languages
Computational reflection is gaining interest in practical applications as witnessed by the use of reflection in the JAVA programming environment and recent work on reflective middleware. Reflective systems offer many different reflection programming interfaces, the so-called MetaObject Protocols (MOPs). Their design is subject to a number of constraints relating to, among others, expressive pow...
متن کامل