Skip to main content
SpringerLink
Log in

Method-Specific Java Access Control via RMI Proxy Objects Using Annotations

(Short Paper)

  • Conference paper
Information Systems Security (ICISS 2009)

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 5905))

Included in the following conference series:

Abstract

We propose a novel approach for granting to remote clients partial access on arbitrary objects at the granularity of methods. The applications that we target use Remote Method Invocation (RMI). We automatically build proxy objects, and give them to untrusted clients instead of the originals. Proxy objects expose a subset of methods to prevent potentially dangerous calls from clients. We present the system’s semantics, implementation, and its evaluation. Creating a proxy takes an order of magnitude less time than the corresponding RMI lookup.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Wallach, D., Appel, A., Felten, E.: SAFKASI: A Security Mechanism for Language-based Systems. ACM Transactions on Software Engineering and Methodology (TOSEM) 9, 341–378 (2000)

    Article  Google Scholar 

  2. Fournet, C., Gordon, A.: Stack Inspection: Theory and Variants. ACM Transactions on Programming Languages and Systems (TOPLAS) 25, 360–399 (2003)

    Article  Google Scholar 

  3. Richmond, M., Noble, J.: Reflections on Remote Reflection. In: Proceedings of the 24th Australasian Conference on Computer Science, vol. 11, pp. 163–170 (2001)

    Google Scholar 

  4. Hugh, M., Ryan, M.: Logic in Computer Science, 2nd edn. Cambridge University Press, Cambridge (2004)

    Google Scholar 

  5. McManus, E.: Build your own interface—dynamic code generation (2006), http://weblogs.java.net/blog/emcmanus/archive/2006/10/build_your_own.html (accessed, 2009-05-22)

  6. Pandey, R., Hashii, B.: Providing Fine-Grained Access Control for Java Programs. In: Guerraoui, R. (ed.) ECOOP 1999. LNCS, vol. 1628, pp. 449–473. Springer, Heidelberg (1999)

    Chapter  Google Scholar 

  7. Bryce, C., Razafimahefa, C.: An Approach to Safe Object Sharing. In: Proceedings of the 15th ACM SIGPLAN Conference on Object-Oriented Programming, Systems, Languages, and Applications, pp. 367–381 (2000)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. University of Waterloo, Waterloo, Ontario, Canada

    Jeff Zarnett, Patrick Lam & Mahesh Tripunitara

Authors
  1. Jeff Zarnett
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Patrick Lam
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Mahesh Tripunitara
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Electrical Engineering and Computer Science Department, University of Michigan, 48109, Ann Arbor, MI, USA

    Atul Prakash

  2. Department of Computer Science and Engineering, Indian Institute of Technology Kharagpur, Kharagpur, India

    Indranil Sen Gupta

Rights and permissions

Reprints and permissions

Copyright information

© 2009 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Zarnett, J., Lam, P., Tripunitara, M. (2009). Method-Specific Java Access Control via RMI Proxy Objects Using Annotations. In: Prakash, A., Sen Gupta, I. (eds) Information Systems Security. ICISS 2009. Lecture Notes in Computer Science, vol 5905. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-10772-6_23

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-10772-6_23

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-10771-9

  • Online ISBN: 978-3-642-10772-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation