Abstract
Modern programming languages and systems provide much support for security. Through strong typing, they can substantially reduce the opportunities for low-level coding errors that could result in buffer overflows and other vulnerabilities. They also allow protection by encapsulation and the treatment of objects as unforgeable capabilities. In addition, they sometimes include rich security infrastructures, for example libraries for authentication and authorization.
Although common programming languages are not primarily concerned with security, language definitions can be the basis for security guarantees. A language specification may imply, for instance, that object references are unguessable. An implementation may resort to cryptography in order to enforce this property and others built into the language.
Conversely, for better or for worse, security machinery can have a significant effect on language semantics and implementations, even when it is regarded as an add-on. For instance, access-control techniques that depend on the contents of the execution stack give an observable role to the stack, affecting program equivalences. A language perspective can help in understanding such security mechanisms and sometimes in developing new ones.
Keywords
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsReferences
Abadi, M.: Protection in programming-language translations. In: Larsen, K.G., Skyum, S., Winskel, G. (eds.) ICALP 1998. LNCS, vol. 1443, pp. 868–883. Springer, Heidelberg (1998)
Abadi, M., Fournet, C.: Access control based on execution history. In: Proceedings of the 10th Annual Network and Distributed System Security Symposium, February 2003, pp. 107–121 (2003)
Abadi, M., Fournet, C., Gonthier, G.: Secure implementation of channel abstractions. Information and Computation 174(1), 37–83 (2002)
van Doorn, L., Abadi, M., Burrows, M., Wobber, E.: Secure network objects. In: Proceedings of the 1996 IEEE Symposium on Security and Privacy, May 1996, pp. 211–221 (1996)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Abadi, M. (2003). Built-in Object Security. In: Cardelli, L. (eds) ECOOP 2003 – Object-Oriented Programming. ECOOP 2003. Lecture Notes in Computer Science, vol 2743. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-45070-2_1
Download citation
DOI: https://doi.org/10.1007/978-3-540-45070-2_1
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-40531-3
Online ISBN: 978-3-540-45070-2
eBook Packages: Springer Book Archive