Name
Abstract | ||
|---|---|---|
Reflection is a powerful programming language feature that enables language extensions, generic code, dynamic analyses, development tools, etc. However, uncontrolled reflection breaks object encapsulation and considerably increases the attack surface of programs e.g., malicious libraries can use reflection to attack their client applications. To bring reflection and object encapsulation back together, we use dynamic object ownership to design an access control policy to reflective operations. This policy grants objects full reflective power over the objects they own but limited reflective power over other objects. Code is still able to use advanced reflective operations but reflection cannot be used as an attack vector anymore. |
Year | DOI | Venue |
|---|---|---|
2015 | 10.1145/2816707.2816721 | Dynamic Languages Symposium |
Keywords | Field | DocType |
encapsulation,object ownership,reflection | Attack surface,Programming language,Computer science,Computer security,Human–computer interaction,Access control,Encapsulation (computer programming) | Conference |
Volume | Issue | ISSN |
51 | 2 | 0362-1340 |
Citations | PageRank | References |
0 | 0.34 | 18 |
Authors | ||
4 | ||
Name | Order | Citations | PageRank |
|---|---|---|---|
| Camille Teruel | 1 | 4 | 1.12 |
| Stéphane Ducasse | 2 | 3418 | 243.15 |
| Damien Cassou | 3 | 238 | 14.03 |
| Marcus Denker | 4 | 285 | 23.94 |