Language-Based Protection

 

Specification of protection in a programming language allows the high-level description of policies for the allocation and use of resources.

 

Language implementation can provide software for protection enforcement when automatic hardware supported checking is unavailable.

 

Interpret protection specifications to generate calls on whatever protection system is provided by the hardware and the operating system.

 

Protection in Java 2

 

Protection is handled by the Java Virtual Machine (JVM)


A class is assigned a protection domain when it is loaded by the JVM.

 

The protection domain indicates what operations the class can (and cannot) perform.

 

If a library method is invoked that performs a privileged operation, the stack is inspected to ensure the operation can be performed by the library.

 

Stack Inspection

 

     

 

                                                                                                                                               

                                                                                                                                                                                                                    Back