TR-CIS-2001-07 (12/21/2001)
Gleb Naumovich
Abstract
Software programs are increasingly distributed and open, which, unless
designers and coders are careful, makes such programs vulnerable to
attacks. Java offers a built-in security mechanism, enabling
programmers to give permissions to distributed components and check
these permissions at run-time. This security model is flexible, but
using it is not straightforward. In this paper, we propose a data
flow algorithm for automated analysis of the permissions flow in Java
programs. Our algorithm produces, for a given point in the program, a
set of all permissions that are checked on all possible executions to
this point. These data can be used in program understanding tools or
directly in checking properties that assert what permissions must
always be checked before access to certain functionality is allowed.
The worst-case complexity of our algorithm is low-order polynomial in
the number of program statements and permission types, while
comparable previous approaches have exponential costs.
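The analysis the abstract describes is a forward "must" data flow problem: at a join point only the permissions checked on every incoming path survive, and loop back edges are resolved by iterating to a fixpoint. The following added example (not code from the paper) implements that computation over a constructed control-flow graph modelled on a small Java method, then applies the kind of property check the abstract mentions, asserting which permission must have been checked before a sensitive operation; node numbers, permission names and the `REQUIRED` property are all constructed for illustration.

```python
from collections import deque

def permissions_checked_on_all_paths(cfg, checks, entry):
    """Forward must-analysis: OUT[n] = permissions checked on every path from
    entry to the end of node n. cfg: node -> successors; checks: node -> set."""
    universe = set().union(*checks.values())
    reach, work = {entry}, deque([entry])          # nodes reachable from entry
    while work:
        for s in cfg.get(work.popleft(), ()):
            if s not in reach:
                reach.add(s)
                work.append(s)
    preds = {n: [p for p in reach if n in cfg.get(p, ())] for n in reach}
    # Optimistic start (every permission), shrunk by intersection at joins
    # until no OUT set changes; nothing is checked before the entry node.
    out = {n: set(universe) for n in reach}
    out[entry] = set(checks.get(entry, set()))
    work = deque(cfg.get(entry, ()))
    while work:
        n = work.popleft()
        if n == entry:
            continue
        inn = set(universe)
        for p in preds[n]:
            inn &= out[p]
        new_out = inn | checks.get(n, set())
        if new_out != out[n]:
            out[n] = new_out
            work.extend(cfg.get(n, ()))
    return out

def missing_required_checks(out, required):
    """Nodes where a permission the property demands is unchecked on some path."""
    return {n: p - out.get(n, set()) for n, p in required.items()
            if p - out.get(n, set())}

# Constructed CFG (not from the paper): 0 entry; 1 if-branch checks
# FilePermission; 2 else-branch checks FilePermission and SocketPermission;
# 3 join; 4 loop body checks RuntimePermission, back edge to 3; 5 opens a socket.
CFG = {0: [1, 2], 1: [3], 2: [3], 3: [4, 5], 4: [3], 5: []}
CHECKS = {1: {"FilePermission:read"},
          2: {"FilePermission:read", "SocketPermission:connect"},
          4: {"RuntimePermission:exitVM"}}
REQUIRED = {5: {"SocketPermission:connect"}}   # constructed property for node 5

if __name__ == "__main__":
    out = permissions_checked_on_all_paths(CFG, CHECKS, 0)
    print({n: sorted(p) for n, p in out.items()})
    print("violations:", missing_required_checks(out, REQUIRED))
```

The loop body's RuntimePermission check does not reach node 5 because the loop may execute zero times, and the SocketPermission check made only on the else-branch is dropped at the join, so the property at node 5 is reported as violated.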