Abstract
Distributed applications consisting of various sorts of network loaded components potentially require fine-grained protection domains. Software based protection techniques allow cost effective fine-grained protection for those components. However, fine-grained protection is complicated for both the programmers and the runtime systems. We propose a compiler-based technique which automatically generates optimized protection domains from a simple description of protection policies. The domain merging technique is used to reduce the numbers of protection domains and cross domain calls. We also introduce a light weight protection mechanism for Java, based upon a code translation technique that can support low cost cross domain calls. Components are protected by the dynamic generated protection codes, so programmers do not have to write any protection codes. Most of the protection domains are statically resolved and only unresolved cross domain calls are checked by the dynamic checking mechanism.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
References
Bershad, B., Savage, S., Pardyak, P., Gun Sirer, E., Fiuczynski, M., Becker, D., Eggers, S., Chambers, C.: Extensibility, Safety and Performance in the SPIN Operating System. Univ. of Washington Tech. Report (1995)
Engler, D., Kaashoek, M., O'Toole Jr, J.: The Exokernel Approach to Operating System Extensibility. Proc. USENIX Sympo. on Operating Systems Design and Implementation (1994)
Taura, K., Yonezawa, A.: Fine-grain Multithreading with Minimal Compiler Support-A Cost Effective Approach to Implementing Efficient Multithreading Languages. Proc. ACM Conf. on Programming Language Design and Implementation (1997)
Plezbert, M., Cytron, R.: Does “Just in Time” = “Better Late than Never”? Proc. ACM Conf. on Principle of Programming Languages (1997)
Wallach, D., Balfanz, D., Dean, D., Felten, E.: Extensible Security Architectures for Java. Proc. ACM 16th Sympo. on Operating System Principles (1997)
Wobber, E., Abadi, M., Burrows, M., Lampson, B.: Authentication in the Taos operating system. ACM Transactions on Computer Systems 12, 1 (1994) 3–32
Pu, C., Autrey, T., Black, A., Consel, C., Cowan, C., Inouye, J., Kethana, L., Walpole, J., Zhang, K.: Optimistic Incremental Specialization: Streamlining a Commercial Operating System. Proc. ACM 15th Sympo. on Operating System Principles (1995)
Volanschi, E., Muller, G., Consel, C.: Safe Operating System Specialization: the RPC Case Study. Workshop on Compiler Support for System Software (1996)
Fernandez. M., Simple and Effective Link-Time Optimization of Modula-3 Programs. Proc. ACM Conf. on Programming Language Design and Implementation (1995)
Gosling, J., Joy, B., Steele, G.: The Java Language Specification. Addison-Wesley (1996)
Yellin, F., Sun Microsystems, Inc.: Low Level Security in Java. http://java.sun. com/sfaq/verifier.html (1996)
Sun Microsystems, Inc.: Secure Computing with Java: Now and the Future. http://www.javasoft.com/marketing/collateral/security. html (1997)
Adl-Tabatabai, A., Langdale, G., Lucco, S., Wahbe, R.: Efficient and Language-Independent Mobile Programs. Proc. ACM Conf. on Programming Language Design and Implementation (1996)
Hawblitzel, C., Chang, C., Czajkowski, G., Hu, D., Eicken, T.: SLK: A Capability System Based on Safe Language Technology. Cornell Univ. Tech. Report for Department of Computer Science (1997)
Jones, M., Rachid. R.: Mach and Matchmaker: Kernel and Language Support for Object-Oriented Distributed Systems. Proc. ACM OOPSLA'86 (1986)
Eide, E., Frei, K., Ford, B., Lepreau, J., Lindstrom, G.: Flick: A Flexible, Optimizing IDL Compiler. Proc. ACM Conf. on Programming Language Design and Implementation (1997)
Poletto, M., Engler, D., Kaashoek, M.: tcc: A System for Fast, Flexible, and High-level Dynamic Code Generation. Proc. ACM Conf. on Programming Language Design and Implementation (1997)
Auslander, J., Philipose, M., Chambers, C., Eggers, S., Bershad, B.: Fast, Effective Dynamic Compilation. Proc. ACM Conf. on Programming Language Design and Implementation (1996)
Hirano, S.: HORB: Distributed Execution of Java Programs. Proc. Conf. on World-Wide Computing and Its Applications (1997)
[HS97] Hudson, S., Smith, I.: subArctic. http://www.cs.gatech.edu/gvu/ui/sub-rctic/ (1997)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 1998 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Furukawa, Y., Shibayama, E. (1998). Compiler-generated protection domains and a light weight runtime protection technique. In: Masunaga, Y., Katayama, T., Tsukamoto, M. (eds) Worldwide Computing and Its Applications — WWCA'98. WWCA 1998. Lecture Notes in Computer Science, vol 1368. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-64216-1_47
Download citation
DOI: https://doi.org/10.1007/3-540-64216-1_47
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-64216-9
Online ISBN: 978-3-540-69704-6
eBook Packages: Springer Book Archive