Secure the Clones - Static Enforcement of Policies for Secure Object Copying - Inria - Institut national de recherche en sciences et technologies du numérique Accéder directement au contenu
Communication Dans Un Congrès Année : 2011

Secure the Clones - Static Enforcement of Policies for Secure Object Copying

Résumé

Exchanging mutable data objects with untrusted code is a delicate matter because of the risk of creating a data space that is accessible by an attacker. Consequently, secure programming guidelines for Java stress the importance of using defensive copying before accepting or handing out references to an inter-nal mutable object. However, implementation of a copy method (like clone()) is entirely left to the programmer. It may not provide a sufficiently deep copy of an object and is subject to overriding by a malicious sub-class. Currently no language-based mechanism supports secure object cloning. This paper proposes a type-based annotation system for defining modular copy policies for class-based object-oriented programs. A copy policy specifies the maximally allowed sharing between an object and its clone. We present a static enforcement mechanism that will guarantee that all classes fulfill their copy policy, even in the presence of overriding of copy methods, and establish the semantic correctness of the over-all approach in Coq. The mechanism has been implemented and experimentally evaluated on clone methods from several Java libraries.
Fichier principal
Vignette du fichier
esop11.pdf (905.95 Ko) Télécharger le fichier
Origine : Fichiers produits par l'(les) auteur(s)
Loading...

Dates et versions

hal-01110817 , version 1 (28-01-2015)

Identifiants

  • HAL Id : hal-01110817 , version 1

Citer

Thomas Jensen, Florent Kirchner, David Pichardie. Secure the Clones - Static Enforcement of Policies for Secure Object Copying. ESOP 2011, 2011, Saarbrucken, Germany. ⟨hal-01110817⟩
230 Consultations
52 Téléchargements

Partager

Gmail Facebook X LinkedIn More