Advanced Search

Browse by Discipline

Scientific Societies

E-print Alerts

Add E-prints

E-print Network

  Advanced Search  

Built-in Object Security Martin Abadi

Summary: Built-in Object Security
Mart´in Abadi
Computer Science Department
University of California, Santa Cruz
Modern programming languages and systems provide much support for secu-
rity. Through strong typing, they can substantially reduce the opportunities for
low-level coding errors that could result in buffer overflows and other vulnerabil-
ities. They also allow protection by encapsulation and the treatment of objects
as unforgeable capabilities. In addition, they sometimes include rich security
infrastructures, for example libraries for authentication and authorization.
Although common programming languages are not primarily concerned with
security, language definitions can be the basis for security guarantees. A language
specification may imply, for instance, that object references are unguessable. An
implementation may resort to cryptography in order to enforce this property
and others built into the language.
Conversely, for better or for worse, security machinery can have a significant
effect on language semantics and implementations, even when it is regarded as
an add-on. For instance, access-control techniques that depend on the contents
of the execution stack give an observable role to the stack, affecting program


Source: Abadi, Martín - Department of Computer Science, University of California at Santa Cruz


Collections: Computer Technologies and Information Sciences