Title
Using reflection as a mechanism for enforcing security policies on compiled code
Abstract
Securing application resources or defining finer-grained access control for system resources using the Java security architecture requires manual changes to source code. This is error-prone and cannot be done if only compiled code is present. We show how behavioural reflection can be used to enforce security policies on compiled code. Other authors have implemented code rewriting toolkits that achieve the same effect but they either require policies to be expressed in terms of low level abstractions or require the use of new high level policy languages. Our approach allows reusable policies to be implemented as metaobjects in a high level object-oriented language (Java), and then bound to application objects at loadtime. The binding between metaobjects and objects is implemented through bytecode rewriting under the control of a declarative binding specification. We have implemented this approach using Kava which is a portable reflective Java implementation. Kava allows customisation of a rich range of runtime behaviour and provides a non-bypassable meta level suitable for implementing security enforcement. We discuss how we have used Kava to show how to secure a third-party application, how we prevent Kava being bypassed, and compare its performance with non-reflective security enforcement.
Year
2002
Venue
Journal of Computer Security
Keywords
java security architecture, securing application resource, non-bypassable meta level, source code, low level abstraction, security policy, new high level policy, non-reflective security enforcement, security enforcement, high level object, security architecture, access control
Field
Programming language, Source code, Computer science, Compiled language, Access control, Rewriting, Enforcement, Security policy, Java, Computer security model
DocType
Journal
Volume
10
Issue
4
Citations
13
PageRank
0.86
References
18
Authors
2
Name               Order   Citations   PageRank
Ian S. Welch       1       120         18.53
Robert J. Stroud   2       240         24.67