We propose an extension to the security model of Java, that allows for specifying, analysing and enforcing history-based usage policies. Policies are defined by usage automata, that recognize the forbidden execution histories. Programmers can sandbox an untrusted piece of code with a policy, which is enforced at run-time through its local scope. A static analysis allows for optimizing the execution monitor: only the policies not guaranteed to be always obeyed will be enforced at run-time.
Titolo: | Securing Java with local policies |
Autori: | |
Data di pubblicazione: | 2009 |
Rivista: | |
Handle: | http://hdl.handle.net/11584/18918 |
Tipologia: | 1.1 Articolo in rivista |
File in questo prodotto:
File | Descrizione | Tipologia | Licenza | |
---|---|---|---|---|
securing-java.pdf | Articolo principale | versione editoriale | Non specificato | Open Access Visualizza/Apri |
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.