Hostname: page-component-cd9895bd7-mkpzs Total loading time: 0 Render date: 2024-12-23T04:37:36.608Z Has data issue: false hasContentIssue false

Stack-based access control and secure information flow

Published online by Cambridge University Press:  03 March 2005

ANINDYA BANERJEE
Affiliation:
Department of Computing and Information Sciences, Kansas State University, Manhattan, KS 66506, USA (email: ab@cis.ksu.edu)
DAVID A. NAUMANN
Affiliation:
Department of Computer Science, Stevens Institute of Technology, Hoboken, NJ 07030, USA (email: naumann@cs.stevens-tech.edu)
Rights & Permissions [Opens in a new window]

Abstract

Core share and HTML view are not available for this content. However, as you have access to this content, a full PDF is available via the ‘Save PDF’ action button.

Access control mechanisms are often used with the intent of enforcing confidentiality and integrity policies, but few rigorous connections have been made between information flow and runtime access control. The Java virtual machine and the .NET runtime system provide a dynamic access control mechanism in which permissions are granted to program units and a runtime mechanism checks permissions of code in the calling chain. We investigate a design pattern by which this mechanism can be used to achieve confidentiality and integrity goals: a single interface serves callers of more than one security level and dynamic access control prevents release of high information to low callers. Programs fitting this pattern would be rejected by previous flow analyses. We give a static analysis that admits them, using permission-dependent security types. The analysis is given for a class-based object-oriented language with features including inheritance, dynamic binding, dynamically allocated mutable objects, type casts and recursive types. The analysis is shown to ensure a noninterference property formalizing confidentiality and integrity.

Type
Research Article
Copyright
2005 Cambridge University Press
Submit a response

Discussions

No Discussions have been published for this article.