Securing Class Initialization - Inria - Institut national de recherche en sciences et technologies du numérique Accéder directement au contenu
Communication Dans Un Congrès Année : 2010

Securing Class Initialization

Résumé

Language-based information-flow security is concerned with specifying and enforcing security policies for information flow via language constructs. Although much progress has been made on understanding information flow in object-oriented programs, the impact of class initialization on information flow has been so far largely unexplored. This paper turns the spotlight on security implications of class initialization. We discuss the subtleties of information propagation when classes are initialized and propose a formalization that illustrates how to track information flow in presence of class initialization by a type-and-effect system for a simple language. We show how to extend the formalization to a language with exception handling.
Fichier principal
Vignette du fichier
NakataS10.pdf (292.31 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Loading...

Dates et versions

hal-01061318 , version 1 (24-11-2017)

Licence

Paternité

Identifiants

Citer

Keiko Nakata, Andrei Sabelfeld. Securing Class Initialization. 4th IFIP WG 11.11 International on Trust Management (TM), Jun 2010, Morioka, Japan. pp.48-62, ⟨10.1007/978-3-642-13446-3_4⟩. ⟨hal-01061318⟩
46 Consultations
69 Téléchargements

Altmetric

Partager

Gmail Facebook X LinkedIn More