Abstract
This article investigates the security problems raised by the use of proxy-based runtime meta-object protocols (MOPs) for Java and provides an approach for making meta-level code transparent to base- level code, security-wise. We prove that, but giving all permissions only to the kernel of the MOP and by using Java’s built-in mechanism for propagating security contexts, the permissions required by base-level and meta-level code do not interfere. We illustrate this result in the context of a simple proxy-based runtime MOP that we wrote.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
M. Ancona, W. Cazzola, and E. B. Fernandez. Reflective authorization systems: Possibilities, benefits, and drawbacks. LNCS, 16030:35–50,1999.
Denis Caromel and Julien Vayssière. Reflections on MOPs, Components, and Java Security. In J. Lindskov Knudsen, editor. Proceedings of ECOOP 2001, volume 2072 of LNCS, pages 256–274, Budapest, Hungary, June 2001. Springer-Verlag.
Shigeru Chiba and Michiaki Tatsubori. Yet another java.lang.class. In ECOOP’98 Workshop on Reflective Object-Oriented Programming and Systems, Brussels, Belgium, July 1998.
J. Ferber. Computational reflection in class based object-oriented languages. ACM SIGPLAN Notices, 24(10):317–326,October 1989.
Li Gong. Inside Java 2 platform security: architecture, API design, and implementation. Addison-Wesley, Reading, MA, USA, june 1999.
J. Kleinoeder and M. Golm. Metajava: An efficient run-time meta architecture for java. Techn. Report TR-14-96-03, Univ. of Erlangen-Nuernberg, IMMD IV, 1996.
A. Oliva and L. E. Buzato. The design and implementation of Guaraná. In Proceedings of the Fifth USENIX Conference on Object-Oriented Technologies and Systems, pages 203–216. The USENIX Association, 1999.
Alexandre Oliva and Luiz Eduardo Buzato. Designing a secure and reconfigurable meta-object protocol. Technical Report IC-99-08, icunicamp, February 1999.
B. Redmond and V. Cahill, Iguana/J: Towards a dynamic and efficient reflective architecture for Java. In ECOOP 2000 Workshop on Reflection and Metalevel Architectures, June 2000.
I. Welch and R. Stroud. From Dalang to Kava — the evolution of a reflective Java extension. In Pierre Cointe, editor, Proceedings of the second international conference Reflection’99, number 1616 in LNCS, pages 2–21. Springer, July 1999.
I. Welch and R. J. Stroud. Using reflection as a mechanism for enforcing security policies in mobile code. In Proceedings of ESORICS’ number 1895 in Lecture Notes in Computer Science, pages 309–323, October 2000.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2001 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Caromel, D., Huet, F., Vayssière, J. (2001). A simple security–Aware MOP for Java. In: Yonezawa, A., Matsuoka, S. (eds) Metalevel Architectures and Separation of Crosscutting Concerns. Reflection 2001. Lecture Notes in Computer Science, vol 2192. Springer, Berlin, Heidelberg. https://doi.org/10.1007/3-540-45429-2_9
Download citation
DOI: https://doi.org/10.1007/3-540-45429-2_9
Published:
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-42618-9
Online ISBN: 978-3-540-45429-8
eBook Packages: Springer Book Archive