C. Fournet and A. D. Gordon. Stack inspection: theory and variants. In Symposium on Principles of Programming Languages, pages 307--318, 2002.  Home/Search   Document Not in Database   Summary   Related Articles   Check

....controls. This proposal seems similar to Jif s use of authority declarations. Whether access control alone is sucient in practice to regulate declassi cation remains for future research. The interplay between authority and declassi cation is similar to Java s stack inspection security model [27,26,5]. In Java, privileged operations can require that they be invoked only in the context of some authorization clause, and, that, dynamically, no untrusted methods are between the authorization and the use of the privileged operation on the call stack. These constraints on the run time stack are ....

Cedric Fournet and Andrew Gordon. Stack inspection: Theory and variants. pages 307-318, 2002.

....of Java type safety and load time verification mechanisms [5, 31, 40, 22, 46, 48, 11, 21, 27, 4] Other related work has focused on mechanisms that ensure that the execution of mobile code will not unintentionally or maliciously harm the underlying systems. Such techniques include stack inspection [16], proof carrying code [42, 10, 9] software fault isolation [53] and code replacement [7] The system that we propose is not an alternative to these existing approaches to program protection and system security. Instead, it offers a complementary technique (thread level intrusion detection) that ....

C. Fournet and A.D. Gordon. Stack Inspection: Theory and Variants. In Proceedings of the 29th ACM SIGPLANSIGACT symposium on Principles of programming languages, pages 307--318, Portland, Oregon, 2002. ACM Press.

....call stack. If this fails to be the case, a catchable exception is thrown. This mechanism has no intrinsic connection with particular data objects or events; it is up to the programmer to ensure that writes to the password file are guarded by checks of permission# . Following previous work [8], we refrain from modeling exceptions and instead consider a construct, which performs the check, executing if the check succeeds and if it fails. A method body that simply performs a check can be written then skip else abort. To model the case where an exception is thrown and ....

....it may be a proper superclass (and have different permissions) than the class of the target object. As described above, stack inspection is lazy in that authorization checks are only performed when needed. For theoretical analysis, it is convenient to use the equivalent eager semantics [10, 19, 8] which works as follows. The effect of enable to the current frame only 2 if is authorized for the current class. When a method is invoked from a frame , the new frame is initialized to be where # is the class of the invoked code and ##### ### ####### # . Finally, test just ....

[Article contains additional citation context not shown here]

C. Fournet and A. D. Gordon. Stack inspection: Theory and variants. In ACM Symposium on Principles of Programming Languages (POPL), pages 307--318. ACM Press, 2002.

....Granting permission P to code C 1 adds the belief statement Ok(P ) to the set of beliefs held in the current stack frame, and calling code C 2 records the beliefs of the earlier stack frames by adding the statement C 1 says Ok(P ) to the belief set for the stack frame for C 2 . Fournet and Gordon [FG02] provides an alternative formalisation of stack inspection based on operational semantics. Their aim is to establish laws for equational reasoning in order to validate program transformations in the presence of stack inspection. The present work builds on the verification techniques developed by ....

C. Fournet and A. Gordon. Stack inspection: Theory and variants. In Proc. of the 29th ACM Symp. on Principles of Programming Languages (POPL'02). ACM Press, 2002.

No context found.

C. Fournet and A. D. Gordon. Stack inspection: Theory and variants. In 29th ACM Symposium on Principles of Programming Languages (POPL'02), pages 307--318, Jan. 2002.

....information flow control is often too restrictive and impractical for general purpose runtimes. Nevertheless, it provides an interesting point of comparison and theoretical background; the work of Fournet and Gordon explores the application of techniques directly based on information flow control [8]. Debuggers and garbage collectors also perform stack walks, for constructing traces and for finding pointers into the heap, respectively. However, their algorithms are quite different from those for stack based security, at least in the CLR, and they are subject to different performance ....

....rights, the current rights are affected whenever there is any transfer of control whether the transfer corresponds to a method call or return, and also for example if it results from exception handling. Fournet and Gordon also consider an abstract model of stack inspection mechanisms [8], based on that of Pottier et al. 15] In a simple functional setting (a lambda calculus) they discuss limitations of stack inspection. Using formal operational semantics, they also explore several alternatives to stack inspection with stronger properties by refining the reduction rule that ....

C. Fournet and A. D. Gordon. Stack inspection: Theory and variants. In 29th ACM Symposium on Principles of Programming Languages (POPL'02), pages 307--318,

No context found.

C. Fournet and A. D. Gordon. Stack inspection: theory and variants. In Symposium on Principles of Programming Languages, pages 307--318, 2002.

No context found.

C. Fournet and A. G. Gordon. Stack Inspection: Theory and Variants. In Proceedings of the 29th Annual ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pages 307-- 318, Portland, Oregon, Jan. 2002.

No context found.

C. Fournet and A. Gordon. Stack inspection: Theory and variants. In TwentyNinth ACM Symposium on Principles of Programming Languages, Jan. 2002.

No context found.

C. Fournet and A. D. Gordon. Stack inspection: theory and variants. In Proceedings of the 29th ACM SIGPLAN-SIGACT Symposium on Principles of Programming Languages, pages 307-318. ACM Press, 2002.

No context found.

Cedric Fournet and Andrew D. Gordon. Stack inspection: Theory and variants. In

No context found.

C. Fournet and A. Gordon. Stack inspection: Theory and variants. In Proceedings of the ACM Symposium on Principles of Programming Languages, January 2002.

No context found.

Fornet, C. and Gordon, A.D., Stack Inspection: theory and variants, POPL, ACM, 2002.

No context found.

C. Fournet and A. Gordon. Stack inspection: Theory and variants. In Proc. 29th ACM Symp. on Principles of Programming Languages (POPL), pages 307--318, 2002.

No context found.

C. Fournet and A. Gordon, "Stack inspection: Theory and variants," in Proc. ACM Symp. Principles Programming Languages, Jan. 2002.

No context found.

Cedric Fournet and Andrew Gordon. Stack inspection: Theory and variants. In 307-318, 2002.

No context found.

Fornet, C. and Gordon, A.D., Stack Inspection: theory and variants, POPL, ACM, 2002.

No context found.

C. Fournet and A. Gordon. Stack inspection: Theory and variants. In Proc. 29th ACM Symp. on Principles of Programming Languages (POPL), pages 307--318, 2002.

No context found.

C. Fournet and A. Gordon. Stack inspection: Theory and variants. In Proceedings of the ACM Symposium on Principles of Programming Languages, January 2002.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC