Securing Java with Local Policies
By: Massimo Bartoletti, Gabriele Costa, Pierpaolo Degano, Fabio Martinelli, Roberto Zunino
We propose an extension to the security model of Java, that allows for specifying, analysing and enforcing history-based usage policies. Policies are defined by usage automata, that recognize the forbidden execution histories. Programmers can sandbox an untrusted piece of code with a policy, which is enforced at run-time through its local scope. A static analysis allows for optimizing the execution monitor: only the policies not guaranteed to be always obeyed will be enforced at run-time.
Massimo Bartoletti, Gabriele Costa, Pierpaolo Degano, Fabio Martinelli, Roberto Zunino, “Securing Java with Local Policies”, Journal of Object Technology, Volume 8, no. 4 (June 2009), pp. 5-32, doi:10.5381/jot.2009.8.4.a1.