A Simple Semantics and Static Analysis for Stack Inspection

Anindya Banerjee; David A. Naumann

doi:10.4204/EPTCS.129.17

Electronic Proceedings in Theoretical Computer Science (Sep 2013)

A Simple Semantics and Static Analysis for Stack Inspection

Anindya Banerjee,
David A. Naumann

Affiliations

Anindya Banerjee
David A. Naumann

DOI: https://doi.org/10.4204/EPTCS.129.17
Journal volume & issue: Vol. 129, no. Festschrift for Dave Schmidt
pp. 284 – 308

Abstract

Read online

The Java virtual machine and the .NET common language runtime feature an access control mechanism specified operationally in terms of run-time stack inspection. We give a denotational semantics in "eager" form, and show that it is equivalent to the "lazy" semantics using stack inspection. We give a static analysis of safety, i.e., the absence of security errors, that is simpler than previous proposals. We identify several program transformations that can be used to remove run-time checks. We give complete, detailed proofs for safety of the analysis and for the transformations, exploiting compositionality of the eager semantics.

Published in Electronic Proceedings in Theoretical Computer Science

ISSN: 2075-2180 (Online)
Publisher: Open Publishing Association
Country of publisher: Australia
LCC subjects: Science: Mathematics: Instruments and machines: Electronic computers. Computer science
Website: http://eptcs.org/

About the journal