Access Control to Reflection with Object Ownership - Archive ouverte HAL Access content directly
Conference Papers Year :

Access Control to Reflection with Object Ownership

(1) , (1) , (1) , (1)
1

Abstract

Reflection is a powerful programming language feature that enables language extensions, generic code, dynamic analyses , development tools, etc. However, uncontrolled reflection breaks object encapsulation and considerably increases the attack surface of programs e.g., malicious libraries can use reflection to attack their client applications. To bring reflection and object encapsulation back together, we use dynamic object ownership to design an access control policy to reflective operations. This policy grants objects full reflective power over the objects they own but limited reflective power over other objects. Code is still able to use advanced reflective operations but reflection cannot be used as an attack vector anymore.
Fichier principal
Vignette du fichier
Teru15b-DLS15-AccessControlWithOwnership.pdf (242.97 Ko) Télécharger le fichier
Origin : Files produced by the author(s)
Loading...

Dates and versions

hal-01217041 , version 1 (01-11-2015)

Identifiers

Cite

Camille Teruel, Stéphane Ducasse, Damien Cassou, Marcus Denker. Access Control to Reflection with Object Ownership. Dynamic Languages Symposium, Oct 2015, USA, France. pp.168-176, ⟨10.1145/2816707.2816721⟩. ⟨hal-01217041⟩
177 View
226 Download

Altmetric

Share

Gmail Facebook Twitter LinkedIn More