Securing Class Initialization

Abstract : Language-based information-flow security is concerned with specifying and enforcing security policies for information flow via language constructs. Although much progress has been made on understanding information flow in object-oriented programs, the impact of class initialization on information flow has been so far largely unexplored. This paper turns the spotlight on security implications of class initialization. We discuss the subtleties of information propagation when classes are initialized and propose a formalization that illustrates how to track information flow in presence of class initialization by a type-and-effect system for a simple language. We show how to extend the formalization to a language with exception handling.
Type de document :
Communication dans un congrès
Masakatsu Nishigaki; Audun Jøsang; Yuko Murayama; Stephen Marsh. 4th IFIP WG 11.11 International on Trust Management (TM), Jun 2010, Morioka, Japan. Springer, IFIP Advances in Information and Communication Technology, AICT-321, pp.48-62, 2010, Trust Management IV. 〈10.1007/978-3-642-13446-3_4〉
Liste complète des métadonnées

Littérature citée [27 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01061318
Contributeur : Hal Ifip <>
Soumis le : vendredi 24 novembre 2017 - 16:37:41
Dernière modification le : samedi 25 novembre 2017 - 01:24:00

Fichier

NakataS10.pdf
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Keiko Nakata, Andrei Sabelfeld. Securing Class Initialization. Masakatsu Nishigaki; Audun Jøsang; Yuko Murayama; Stephen Marsh. 4th IFIP WG 11.11 International on Trust Management (TM), Jun 2010, Morioka, Japan. Springer, IFIP Advances in Information and Communication Technology, AICT-321, pp.48-62, 2010, Trust Management IV. 〈10.1007/978-3-642-13446-3_4〉. 〈hal-01061318〉

Partager

Métriques

Consultations de la notice

62

Téléchargements de fichiers

10