- Dan S. Wallach
- Dirk Balfanz
- Drew Dean
- Edward W. Felten
generally limit all programs to a single security policy. However,
software-based protection can allow for more flexible security models,
with potentially significant performance improvements over traditional
hardware-based solutions. We describe and analyze three
implementation strategies for interposing flexible security policies
in software-based security systems. Implementations exist for all
three strategies: several vendors have adapted capabilities to Java,
Netscape Communicator extended Java's stack introspection, and we
built a type-hiding system as an add-on to Microsoft Internet Explorer.
- Technical Report 546-97, Department of Computer Science,
Princeton University, April 1997.
- Please see the newer version.
- See Also
- Netscape's signed object documentation