This article presents a static type system for the Java virtual machine (JVM) code that enforces an access control mechanism similar to that found in a Java implementation. In addition to verifying type consistency of a given JVM code, the type system statically verifies whether the code accesses only those resources that are granted by the prescribed access policy. The type system is proved to be sound with respect to an operational semantics that enforces access control dynamically, similar to Java stack inspection. This result ensures that well-typed code cannot violate access policy. The authors then develop a type inference algorithm and show that it is sound with respect to the type system. These results allow us to develop a static system for JVM access control, without resorting to costly runtime stack inspection.
|Journal||ACM Transactions on Programming Languages and Systems|
|Publication status||Published - 2007 Jan 1|
- Access control
- Stack inspection
- Type inference
- Type system
ASJC Scopus subject areas