
Capabilities for Java: Secure Access to Resources

Conference paper
Programming Languages and Systems (APLAS 2017)

Part of the book series: Lecture Notes in Computer Science (LNPSE, volume 10695)

Abstract

This paper explores adding capabilities to Java with the objective of tightening security management for access to resources both within the Java Class Library and Java applications. Code can only access resources if it is given explicit capabilities, allowing replacement of the use of doPrivileged blocks. Capabilities provide restricted access to their implementing object – like an interface – but when a capability is created, it has a more restrictive dynamic type than its implementing object, and hence access to the full facilities of the implementing object (e.g. via downcasting) is precluded. We used the Annotation Processing Tool to track the declaration and use of capabilities.
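The distinction the abstract draws, between an interface view that a holder can downcast back to the implementing object and a capability whose dynamic type is deliberately narrower, is illustrated by the following added example. It is not code from the paper; the FileResource, ReadCap and ReadCapability names are hypothetical.

```java
public class CapabilityDemo {
    // Hypothetical implementing object with a benign and a privileged facility.
    static class FileResource implements ReadCap {
        private final String name;
        FileResource(String name) { this.name = name; }
        public String read() { return "contents of " + name; }
        public void delete() { System.out.println("deleted " + name); } // privileged
    }

    // The restricted view a capability is meant to grant: read access only.
    interface ReadCap { String read(); }

    // Interface-only restriction: the static type is narrowed to ReadCap, but the
    // object handed out IS the FileResource, so its dynamic type still has delete().
    static ReadCap grantViaInterface(FileResource r) { return r; }

    // Capability object: a distinct dynamic type that holds the implementing object
    // privately and forwards only the permitted operation.
    static final class ReadCapability implements ReadCap {
        private final FileResource target;
        ReadCapability(FileResource target) { this.target = target; }
        public String read() { return target.read(); }
    }
    static ReadCap grantViaCapability(FileResource r) { return new ReadCapability(r); }

    // Models a holder that tries to recover the full object by downcasting.
    // Returns whether the privileged facility became reachable.
    static boolean canEscalate(ReadCap cap) {
        if (cap instanceof FileResource) {          // succeeds only for the interface view
            ((FileResource) cap).delete();
            return true;
        }
        return false;                               // ReadCapability is not a FileResource
    }

    public static void main(String[] args) {
        FileResource r = new FileResource("secrets.txt");
        System.out.println("interface view escalates:  " + canEscalate(grantViaInterface(r)));
        System.out.println("capability view escalates: " + canEscalate(grantViaCapability(r)));
    }
}
```

Reflective access to the private target field is outside what this snippet addresses; it shows only why the dynamic type of the capability, not merely its static type, must exclude the implementing object.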



Acknowledgements

The research presented here is supported by Australian Research Linkage Grant LP140100700 in collaboration with Oracle Labs Australia. We would like to thank Cristina Cifuentes, Paddy Krishnan, Yi Lu, Raghavendra K.R. and John Rose for feedback on the ideas presented here. The paper has benefited from insightful feedback from the reviewers.


Correspondence to Xi Wu.


Copyright information

© 2017 Springer International Publishing AG


Cite this paper

Hayes, I.J., Wu, X., Meinicke, L.A. (2017). Capabilities for Java: Secure Access to Resources. In: Chang, BY. (eds) Programming Languages and Systems. APLAS 2017. Lecture Notes in Computer Science, vol 10695. Springer, Cham. https://doi.org/10.1007/978-3-319-71237-6_4


  • DOI: https://doi.org/10.1007/978-3-319-71237-6_4


  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-71236-9

  • Online ISBN: 978-3-319-71237-6
