Secure Internet Programming
Princeton University
Department of Computer Science

sip@cs.princeton.edu

Modularity and Secure Linking
Lujo Bauer, Eun-Young Lee, Andrew Appel, Edward Felten

It is becoming increasingly common for mutually untrusting software components to be parts of the same program; examples include Java applets, ActiveX controls, Component Object Model (COM) objects, and extensible operating systems. We propose to create methods and tools that will make it easier for programmers to write software components that will function securely when linked with potentially hostile components. We will do this by combining research results on several topics: information hiding and language design, hierarchical modularity, dynamic linking, and access control. One result of this work will be a set of tools that lets programmers precisely control the visibility and accessibility of pieces of their software, allowing different views of a software component to be presented to different clients depending on the provenance of the client code. We will implement software tools to support this for programs written in the Java and ML languages.

One result of our work is a new module system for Java that addresses many of the deficiencies of the Java package system and gives the programmer more control over dynamic linking. Our module system provides explicit interfaces, multiple views of modules based on hierarchical nesting, and more flexible name-space management than the Java package system. Relationships between modules are explicitly specified in module description files. We provide more control over dynamic linking by allowing import statements in module description files to require that imported modules be annotated with certain properties, which we implement with digital signatures. Our module system is compatible enough with standard Java that we have implemented it as a source-to-source and bytecode-to-bytecode transformation wrapped around a standard Java compiler, running on a standard JVM.
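The signature-backed import requirement described above, as an added illustration that is not the group's tool and does not use its module-description syntax: a class loader that links a module only when every property the importer requires is vouched for by a valid signature over the module's bytes from the signer trusted for that property. The property name, the trusted-signer map and the stand-in module bytes are assumptions made for this example.

```java
import java.security.*;
import java.util.*;

// Added illustration, not the Princeton module system's own code.
// A "property" is a name (e.g. "vendor-approved") that only a specific
// signer's key may assert; a module carries one signature per property.
public class SignedModuleLinker extends ClassLoader {
    private final Map<String, PublicKey> trustedSigners; // property -> key allowed to assert it

    public SignedModuleLinker(Map<String, PublicKey> trustedSigners) {
        this.trustedSigners = trustedSigners;
    }

    /** True iff every required property is backed by a valid signature over
     *  moduleBytes from that property's trusted signer. */
    public boolean satisfiesImport(byte[] moduleBytes, Map<String, byte[]> claimed,
                                   Set<String> required) throws GeneralSecurityException {
        for (String prop : required) {
            PublicKey signer = trustedSigners.get(prop);
            byte[] sig = claimed.get(prop);
            if (signer == null || sig == null) return false; // unknown property or missing annotation
            Signature v = Signature.getInstance("SHA256withRSA");
            v.initVerify(signer);
            v.update(moduleBytes);
            if (!v.verify(sig)) return false;              // annotation does not cover these bytes
        }
        return true;
    }

    /** Define the class only if the import's property requirements hold. */
    public Class<?> link(String name, byte[] moduleBytes, Map<String, byte[]> claimed,
                         Set<String> required) throws GeneralSecurityException {
        if (!satisfiesImport(moduleBytes, claimed, required))
            throw new SecurityException("module " + name + " lacks required properties " + required);
        return defineClass(name, moduleBytes, 0, moduleBytes.length);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair vendor = kpg.generateKeyPair();           // the signer trusted for "vendor-approved"
        byte[] module = "constructed stand-in for a module's bytecode".getBytes("UTF-8");
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(vendor.getPrivate());
        s.update(module);
        Map<String, byte[]> claimed = Map.of("vendor-approved", s.sign());
        SignedModuleLinker linker = new SignedModuleLinker(Map.of("vendor-approved", vendor.getPublic()));
        Set<String> required = Set.of("vendor-approved");
        System.out.println("intact module accepted: " + linker.satisfiesImport(module, claimed, required));
        module[0] ^= 1;                                   // tamper with the module after signing
        System.out.println("tampered module accepted: " + linker.satisfiesImport(module, claimed, required));
    }
}
```

Because a signature binds the property to the exact bytes, a module that is modified after signing, or that claims a property its signer is not trusted for, fails the import check and is never linked.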

Publications

Mechanisms for Secure Modular Programming in Java. Lujo Bauer, Andrew W. Appel, and Edward W. Felten. Software—Practice and Experience, 33(5):461–480, 2003. (A previous version of this work appeared as Princeton University Technical Report TR-603-99.)

Hierarchical Modularity. Matthias Blume and Andrew W. Appel. ACM Transactions on Programming Languages and Systems, 21(4), July 1999.