Stack inspection is a security mechanism implemented in runtimes such as the JVM and the CLR to accommodate components with diverse levels of trust. Although stack inspection enables the fine-grained expression of access control policies, it has rather a complex and subtle semantics. We present a formal semantics and an equational theory to explain how stack inspection affects program behavior and code optimisations. We discuss the security properties enforced by stack inspection, and also consider variants with stronger, simpler properties.
%0 Journal Article
%1 Fournet:2003:SIT
%A Fournet, Cédric
%A Gordon, Andrew D.
%C New York, NY, USA
%D 2003
%I ACM
%J ACM Trans. Program. Lang. Syst.
%K CLR Inspection JVM Security Stack TailCalls
%N 3
%P 360--399
%R 10.1145/641909.641912
%T Stack Inspection: Theory and Variants
%V 25
%X Stack inspection is a security mechanism implemented in runtimes such as the JVM and the CLR to accommodate components with diverse levels of trust. Although stack inspection enables the fine-grained expression of access control policies, it has rather a complex and subtle semantics. We present a formal semantics and an equational theory to explain how stack inspection affects program behavior and code optimisations. We discuss the security properties enforced by stack inspection, and also consider variants with stronger, simpler properties.
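@comment{Fournet and Gordon, TOPLAS 25(3), May 2003. The fields acmid, added-at, biburl, description, interhash, intrahash, issue_date, numpages and timestamp are export bookkeeping; standard styles ignore unknown fields, so they are kept only for provenance.}
@article{Fournet:2003:SIT,
  author      = {Fournet, C{\'e}dric and Gordon, Andrew D.},
  title       = {Stack Inspection: Theory and Variants},
  journal     = {ACM Transactions on Programming Languages and Systems},
  volume      = {25},
  number      = {3},
  pages       = {360--399},
  month       = may,
  year        = {2003},
  publisher   = {ACM},
  address     = {New York, NY, USA},
  issn        = {0164-0925},
  doi         = {10.1145/641909.641912},
  keywords    = {CLR Inspection JVM Security Stack TailCalls},
  abstract    = {Stack inspection is a security mechanism implemented in runtimes such as the JVM and the CLR to accommodate components with diverse levels of trust. Although stack inspection enables the fine-grained expression of access control policies, it has rather a complex and subtle semantics. We present a formal semantics and an equational theory to explain how stack inspection affects program behavior and code optimisations. We discuss the security properties enforced by stack inspection, and also consider variants with stronger, simpler properties.},
  acmid       = {641912},
  issue_date  = {May 2003},
  numpages    = {40},
  description = {Stack inspection},
  biburl      = {https://www.bibsonomy.org/bibtex/210b83427c1ee26e232142424493c5385/gron},
  interhash   = {3666bd2abb3662afc5c89e6be02237f4},
  intrahash   = {10b83427c1ee26e232142424493c5385},
  added-at    = {2012-09-28T12:47:06.000+0200},
  timestamp   = {2013-07-27T10:43:30.000+0200},
}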