A Visualization System for Permission Check in Java using Static Analysis

Yun Kyung Kim; Byeong Mo Chang

A Visualization System for Permission Check in Java using Static Analysis

Yun Kyung Kim

Byeong Mo Chang

The KIPS Transactions:PartA, Vol. 13, No. 5, pp. 399-404, Oct. 2006

10.3745/KIPSTA.2006.13.5.399, PDF Download:

Abstract

In Java 2, to enforce a security policy of a program, programmer writes permission sets required by the code at the policy file, sets Security Manager on system and executes the program. Then Security Manager checks by stack inspection whether an access request to resource should be granted or denied whenever code tries to access critical resource. In this paper, we develop a visualization tool which helps programmers enforce security policy effectively into programs. This system is based on the static permission check analysis which analyzes permission checks which must succeed or fail at each method. Based on this analysis information, programmer can examine visually how permission checks and their stack inspection are performed. By modifying program or policy file if necessary and examining analysis information repeatedly, programmer can enforce security policy correctly.

Statistics

Show / Hide Statistics

Statistics (Cumulative Counts from September 1st, 2017)
Multiple requests among the same browser session are counted as one view.
If you mouse over a chart, the values of data points will be shown.

Cite this article

[IEEE Style]

Y. K. Kim and B. M. Chang, "A Visualization System for Permission Check in Java using Static Analysis," The KIPS Transactions:PartA, vol. 13, no. 5, pp. 399-404, 2006. DOI: 10.3745/KIPSTA.2006.13.5.399.

[ACM Style]

Yun Kyung Kim and Byeong Mo Chang. 2006. A Visualization System for Permission Check in Java using Static Analysis. The KIPS Transactions:PartA, 13, 5, (2006), 399-404. DOI: 10.3745/KIPSTA.2006.13.5.399.