A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2018; you can also visit the original URL.
The file type is
Combining Static and Dynamic Analysis for Automatic Identification of Precise Access-Control Policies
Proceedings of the Computer Security Applications Conference
Given a large component-based program, it may be very complex to identify an optimal access-control policy, allowing the program to execute with no authorization failures and no violations of the Principle of Least Privilege. This paper presents a novel combination of static and dynamic analysis for automatic determination of precise accesscontrol policies for programs that will be executed on Stack-Based Access Control systems, such as Java and the Common Language Runtime (CLR). The staticdoi:10.1109/acsac.2007.4412997 fatcat:kjdopptoybg7xk6pihu5dit3xi