使用虚拟机安全性加强组件约束

2012 38th Euromicro Conference on Software Engineering and Advanced Applications Pub Date : 2012-09-05 DOI:10.1109/SEAA.2012.72

A. A. M. Matsui, Straus Michalsky, M. Gerosa

{"title":"使用虚拟机安全性加强组件约束","authors":"A. A. M. Matsui, Straus Michalsky, M. Gerosa","doi":"10.1109/SEAA.2012.72","DOIUrl":null,"url":null,"abstract":"A key problem in component-based frameworks is controlling what each component can access. This problem is particularly complex in cases in which a system is specified by non-programmers who describe systems as a set of component instances and connections between these instances. An effective way to implement such control is by translating component constraints into security constraints that a virtual machine can administer. Our contribution is to use injection of security logic not only to control end-user access to functions, but also to control component to component interactions. We have found that injection of constraint verification points can be elegantly done using AOP.","PeriodicalId":298734,"journal":{"name":"2012 38th Euromicro Conference on Software Engineering and Advanced Applications","volume":"12 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2012-09-05","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"Using Virtual Machine Security to Reinforce Components Constraints\",\"authors\":\"A. A. M. Matsui, Straus Michalsky, M. Gerosa\",\"doi\":\"10.1109/SEAA.2012.72\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"A key problem in component-based frameworks is controlling what each component can access. This problem is particularly complex in cases in which a system is specified by non-programmers who describe systems as a set of component instances and connections between these instances. An effective way to implement such control is by translating component constraints into security constraints that a virtual machine can administer. Our contribution is to use injection of security logic not only to control end-user access to functions, but also to control component to component interactions. We have found that injection of constraint verification points can be elegantly done using AOP.\",\"PeriodicalId\":298734,\"journal\":{\"name\":\"2012 38th Euromicro Conference on Software Engineering and Advanced Applications\",\"volume\":\"12 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2012-09-05\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2012 38th Euromicro Conference on Software Engineering and Advanced Applications\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/SEAA.2012.72\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2012 38th Euromicro Conference on Software Engineering and Advanced Applications","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SEAA.2012.72","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 2

摘要

基于组件的框架中的一个关键问题是控制每个组件可以访问的内容。如果系统是由非程序员指定的，他们将系统描述为一组组件实例和这些实例之间的连接，那么这个问题就特别复杂。实现这种控制的有效方法是将组件约束转换为虚拟机可以管理的安全约束。我们的贡献是使用安全逻辑注入，不仅控制最终用户对功能的访问，而且控制组件对组件的交互。我们已经发现约束验证点的注入可以用AOP优雅地完成。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Using Virtual Machine Security to Reinforce Components Constraints

A key problem in component-based frameworks is controlling what each component can access. This problem is particularly complex in cases in which a system is specified by non-programmers who describe systems as a set of component instances and connections between these instances. An effective way to implement such control is by translating component constraints into security constraints that a virtual machine can administer. Our contribution is to use injection of security logic not only to control end-user access to functions, but also to control component to component interactions. We have found that injection of constraint verification points can be elegantly done using AOP.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2012 38th Euromicro Conference on Software Engineering and Advanced Applications

自引率

0.00%

发文量