TECHNICAL REPORT ARCHIVE


A Conservative Algorithm for Computing the Flow of Permissions in Java Programs

TR-CIS-2001-07 (12/21/2001)
Gleb Naumovich

pdf version of this paper

Abstract
Software programs are increasingly distributed and open, which, unless designers and coders are careful, makes such programs vulnerable to attacks. Java offers a built-in security mechanism, enabling programmers to give permissions to distributed components and check these permissions at run-time. This security model is flexible, but using it is not straightforward. In this paper, we propose a data flow algorithm for automated analysis of the permissions flow in Java programs. Our algorithm produces, for a given point in the program, a set of all permissions that are checked on all possible executions to this point. These data can be used in program understanding tools or directly in checking properties that assert what permissions must always be checked before access to certain functionality is allowed. The worst-case complexity of our algorithm is low-order polynomial in the number of program statements and permission types, while comparable previous approaches have exponential costs.

Back to previous page