Open Access. Powered by Scholars. Published by Universities.®
Articles 1 - 2 of 2
Full-Text Articles in Computer Engineering
Access Control Contracts For Java Program Modules, Carlos E. Rubio-Medrano, Yoonsik Cheon
Access Control Contracts For Java Program Modules, Carlos E. Rubio-Medrano, Yoonsik Cheon
Departmental Technical Reports (CS)
Application-level security has become an issue in recent years; for example, errors, discrepancies and omissions in the specification of access control constraints of security-sensitive software components are recognized as an important source for security vulnerabilities. We propose to formally specify access control assumptions or constraints of a program module and enforce them at run-time. We call such specifications access control contracts. To realize access control contracts, we extended the JML language, a formal interface specification language for Java, and developed a prototype support tool that translates access control contracts to runtime checks. The access control contract reduces the vulnerability that …
Runtime Assertion Checking For Jml On The Eclipse Platform Using Ast Merging, Amritam Sarcar
Runtime Assertion Checking For Jml On The Eclipse Platform Using Ast Merging, Amritam Sarcar
Departmental Technical Reports (CS)
The Java Modeling Language (JML) is a formal behavioral interface specification language for Java. It is used for detailed design documentation of Java program modules such as classes and interfaces. JML has been used extensively by many researchers across various projects and has a large and varied spectrum of tool support. It extends from runtime assertion checking (RAC) to theorem proving.
Amongst these tools, RAC and ESC/Java has been used as a common tool for many research projects. RAC for JML is a tool that checks at runtime for possible violations of any specifications. However, lately there has been a …