Sciweavers

SOCO
2008
Springer

Component-Based Access Control: Secure Software Composition through Static Analysis

13 years 12 months ago
Component-Based Access Control: Secure Software Composition through Static Analysis
Abstract. Extensible Component Platforms support the discovery, installation, starting, uninstallation of components at runtime. Since they are often targeted at mobile resource-constraint devices, they have both strong performance and security requirements. The current security model for Java systems, Permissions, are based on call stack analysis. They proves to be very time-consuming, which makes them difficult to use in production environments. We therefore define the Component-Based Access Control (CBAC) Security Model, which aims at emulating Java Permissions through static analysis at the installation phase of the components. CBAC is based on a fully declarative approach, that makes it possible to tag arbitrary methods as sensitive. A formal model is defined to guarantee that a given component have sufficient access rights, and that dependencies between components are taken into account. A first implementation of the model is provided for the OSGi Platform, using the ASM library ...
Pierre Parrend, Stéphane Frénot
Added 15 Dec 2010
Updated 15 Dec 2010
Type Journal
Year 2008
Where SOCO
Authors Pierre Parrend, Stéphane Frénot
Comments (0)