Type safe dynamic linking for JVM access control

Christian Skalka
2007 Proceedings of the 9th ACM SIGPLAN international conference on Principles and practice of declarative programming - PPDP '07  
The Java JDK security model provides an access control mechanism for the JVM based on dynamic stack inspection. Previous results have shown how stack inspection can be enforced at compile time via whole-program type analysis, but features of the JVM present significant remaining technical challenges. For instance, dynamic dispatch at the bytecode level requires special consideration to ensure flexibility in typing. Even more problematic is dynamic class loading and linking, which disallow a ... ly static analysis in principle, though the intended applications of the JDK exploit these features. We propose an extension to existing bytecode verification that enforces stack inspection at link time, without imposing new restrictions on the JVM class loading and linking mechanism. Our solution is more flexible than existing type-based approaches, and establishes a formal type safety result for bytecode-level access control in the presence of dynamic class linking.
doi:10.1145/1273920.1273928 dblp:conf/ppdp/Skalka07 fatcat:2xvxce76rndf3cn4b3ek3orsri