Abstract
The confinement of object references is a significant security concern for modern programming languages. We define a language that serves as a uniform model for a variety of confined object reference systems. A use-based approach to confinement is adopted, which we argue is more expressive than previous communication-based approaches. We then develop a readable, expressive type system for static analysis of the language, along with a type safety result demonstrating that run-time checks can be eliminated. The language and type system thus serve as a reliable, declarative, and efficient foundation for secure capability-based programming and object confinement.
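The distinction the abstract draws between use-based and communication-based confinement can be illustrated with a small run-time model. The following Python is an added example written for this page; it is not the paper's calculus or type system, and the names (`UseConfinedRef`, `Domain`, `FileResource`, the `policy` mapping) are assumptions made here. It shows why a use-based policy is more expressive: a reference may be handed to an untrusted domain while the dangerous uses stay blocked, whereas a communication-based check can only refuse the hand-off outright. The checks here are dynamic; the abstract's point is that a sound type system lets such checks be discharged statically.

```python
"""Added illustration of use-based vs communication-based object confinement.
Everything here is a constructed model, not the paper's language."""
from dataclasses import dataclass, field


class ConfinementError(Exception):
    """Raised when a confinement rule is violated."""


class FileResource:
    """A sensitive object with one benign use (read) and one dangerous use (delete)."""

    def __init__(self, contents: str) -> None:
        self._contents = contents

    def read(self) -> str:
        return self._contents

    def delete(self) -> None:
        self._contents = ""


@dataclass
class Domain:
    """A protection domain, e.g. the host program or an untrusted plugin."""
    name: str
    trusted: bool = False


@dataclass
class UseConfinedRef:
    """Use-based confinement: the reference itself may travel to any domain,
    but each domain may only invoke the methods its policy grants."""
    target: object
    policy: dict = field(default_factory=dict)  # domain name -> set of method names

    def invoke(self, caller: Domain, method: str, *args):
        allowed = self.policy.get(caller.name, set())
        if method not in allowed:
            raise ConfinementError(f"{caller.name} may not use {method}")
        return getattr(self.target, method)(*args)


def pass_communication_based(receiver: Domain, ref: FileResource) -> FileResource:
    """Communication-based confinement: the only decision point is whether the
    raw reference may cross into the receiver's domain. Once it has crossed,
    every method on it is available, so untrusted receivers must be refused."""
    if not receiver.trusted:
        raise ConfinementError(f"raw reference may not be passed to {receiver.name}")
    return ref


def run_scenario() -> dict:
    """Exercise both models against the same untrusted plugin and report outcomes."""
    host = Domain("host", trusted=True)
    plugin = Domain("plugin", trusted=False)
    resource = FileResource("secret")
    outcomes = {}

    # Use-based: the plugin receives the reference with read-only use rights.
    ref = UseConfinedRef(resource, policy={host.name: {"read", "delete"},
                                           plugin.name: {"read"}})
    outcomes["plugin_read"] = ref.invoke(plugin, "read")
    try:
        ref.invoke(plugin, "delete")
        outcomes["plugin_delete"] = "allowed"
    except ConfinementError:
        outcomes["plugin_delete"] = "denied"
    outcomes["host_read_after"] = ref.invoke(host, "read")  # contents still intact

    # Communication-based: the plugin cannot receive the reference at all.
    try:
        pass_communication_based(plugin, resource)
        outcomes["comm_pass_untrusted"] = "allowed"
    except ConfinementError:
        outcomes["comm_pass_untrusted"] = "denied"
    outcomes["comm_pass_trusted"] = pass_communication_based(host, resource).read()
    return outcomes


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(f"{key}: {value}")
```

The use-based model lets the plugin cooperate with the host through `read` while `delete` is denied; the communication-based model has no way to express "pass it, but only for reading" and must deny the plugin the reference entirely.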
Cite this article
Skalka, C., Smith, S. Static use-based object confinement. IJIS 4, 87–104 (2005). https://doi.org/10.1007/s10207-004-0049-5
DOI: https://doi.org/10.1007/s10207-004-0049-5