Using Virtual Machine Security to Reinforce Components Constraints

Abstract

A key problem in component-based frameworks is controlling what each component can access. This problem is particularly complex in cases in which a system is specified by non-programmers who describe systems as a set of component instances and connections between these instances. An effective way to implement such control is by translating component constraints into security constraints that a virtual machine can administer. Our contribution is to use injection of security logic not only to control end-user access to functions, but also to control component to component interactions. We have found that injection of constraint verification points can be elegantly done using AOP.