From stack inspection to access control: a security analysis for libraries

F. Besson, T. Blanc, C. Fournet, A.D. Gordon
Proceedings. 17th IEEE Computer Security Foundations Workshop, 2004.  
We present a new static analysis to help identify security defects in class libraries for runtimes, such as JVMs or the CLR, that rely on stack inspection for access control. Our tool inputs a set of class libraries plus a description of the permissions granted to unknown, potentially hostile code. It constructs a permission-sensitive call graph, which can be queried to identify potential defects. We describe the tool architecture, various examples of security queries, and a practical ...ion that analyses large pre-existing libraries for the CLR. We also develop a new formal model of the essentials of access control in the CLR (types, classes and inheritance, access modifiers, permissions, and stack inspection). In this model, we state and prove the correctness of the analysis.
doi:10.1109/csfw.2004.1310732 fatcat:5q5rbkmklrekpptfh3f275faai
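The abstract does not show what a permission-sensitive call graph looks like or what a "security query" over it returns. The following is an added illustration, not the paper's tool or formal model: a toy stack-inspection semantics (trusted library frames hold every permission, the bottom frame is unknown code holding only the granted set, an Assert stops the walk), a call graph whose nodes are (method, effective permissions) and whose edges are pruned wherever a Demand would throw, and one query in the spirit of the paper, namely privileged primitives reachable from unknown code although that code was never granted the demanded permission. The library, method names and permission names are constructed for the example.

```python
"""Toy permission-sensitive call graph over a stack-inspection access model.

Constructed example, not the paper's tool: methods are nodes, calls are
edges, permissions are plain strings. Trusted library code holds every
permission; unknown code holds only the set passed to the analysis.
"""
from collections import deque
from dataclasses import dataclass


@dataclass(frozen=True)
class Method:
    name: str
    public: bool = False              # callable directly by unknown code
    demands: frozenset = frozenset()  # permissions whose stack walk must succeed
    asserts: frozenset = frozenset()  # permissions this frame vouches for callees
    primitive: bool = False           # performs a privileged operation after demanding
    calls: tuple = ()                 # callee names


def stack_inspect(stack, perm, granted, lib):
    """Dynamic semantics of Demand(perm) issued by stack[-1]: walk the callers
    from the top; an Assert of perm stops the walk successfully, otherwise the
    walk reaches the (implicit) bottom frame of unknown code with `granted`.
    Simplification: a frame's own Assert only covers its callees, not itself."""
    for frame in reversed(stack[:-1]):
        if perm in lib[frame].asserts:
            return True
    return perm in granted


def permission_sensitive_graph(lib, granted):
    """Nodes are (method, eff): eff is the set of permissions a Demand inside
    `method` would find satisfied on this path. Callees are only explored when
    the caller's own demands succeed, so a failing Demand prunes the graph.
    Returns a parent map (node -> predecessor node, None for roots)."""
    granted = frozenset(granted)
    roots = [(m.name, granted) for m in lib.values() if m.public]
    parent = {node: None for node in roots}
    queue = deque(roots)
    while queue:
        node = queue.popleft()
        name, eff = node
        m = lib[name]
        if not m.demands <= eff:
            continue  # Demand throws SecurityException here; callees unreachable
        for callee in m.calls:
            nxt = (callee, eff | m.asserts)
            if nxt not in parent:
                parent[nxt] = node
                queue.append(nxt)
    return parent


def path_to(parent, node):
    """Call path (method names, public entry point first) leading to `node`."""
    path = []
    while node is not None:
        path.append(node[0])
        node = parent[node]
    return path[::-1]


def query_unexpected_privilege(lib, granted):
    """Query: primitives whose Demand succeeds on some path from unknown code
    although unknown code was never granted the demanded permission. Each hit
    is (permission, call path); hits are candidates for review, not proofs of
    a vulnerability (the Assert may be deliberate and the callee well guarded)."""
    granted = frozenset(granted)
    parent = permission_sensitive_graph(lib, granted)
    hits = []
    for name, eff in parent:
        m = lib[name]
        if m.primitive and m.demands <= eff:
            for perm in sorted(m.demands - granted):
                hits.append((perm, path_to(parent, (name, eff))))
    return sorted(hits)


def dynamically_confirmed(lib, granted, hit):
    """Replay a reported path under the dynamic semantics: the Demand at the
    end of the path really succeeds, so the static hit is realizable."""
    perm, path = hit
    return stack_inspect(path, perm, granted, lib)


# Constructed library (names and permissions are assumptions of this example).
LIBRARY = {m.name: m for m in [
    Method("File.Read", demands=frozenset({"FileIO"}), primitive=True),
    Method("File.Write", demands=frozenset({"FileIO"}), primitive=True),
    # Lets partially trusted code append to a log by asserting FileIO for it.
    Method("Log.Write", public=True, asserts=frozenset({"FileIO"}), calls=("File.Write",)),
    # Demands a weaker permission, then asserts the stronger one it needs.
    Method("Config.Load", public=True, demands=frozenset({"ConfigRead"}),
           asserts=frozenset({"FileIO"}), calls=("File.Read",)),
    # No Assert: the callee's Demand reaches unknown code and is blocked.
    Method("Report.Save", public=True, calls=("File.Read",)),
]}

if __name__ == "__main__":
    for grants in ({"UI"}, {"UI", "ConfigRead"}):
        for perm, path in query_unexpected_privilege(LIBRARY, grants):
            print(f"granted={sorted(grants)}: {perm} reachable via {' -> '.join(path)}")
```

With unknown code granted only `UI`, the query reports `FileIO` reachable through `Log.Write -> File.Write` and nothing else: `Config.Load` is pruned because its own Demand for `ConfigRead` fails, and `Report.Save -> File.Read` is unreachable because the Demand in `File.Read` walks down to unknown code with no Assert in between. Granting `ConfigRead` as well makes the second Assert path appear, which is the point of the permission-sensitive graph: the same library yields different reachable privileged operations for different descriptions of the hostile code's grants.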