Soft boundaries for statically enforceable protection domains
Wallach, Dan S.
Master of Science
As safe languages, such as Java, find themselves leveraged to run larger, multi-task applications, many of the security concerns historically solved by hardware enforced protection domains are again sneaking their way into code. Previous schemes to enforce protection domains within the Java language have accepted run-time overhead and severe limitations on sharing semantics as a reasonable cost to achieve security. This thesis proposes soft boundaries to attain the benefits of separation without additional run-time overhead and without compromising the Java semantics. Soft boundaries use static analysis to assist the programmer in isolating components, protecting both a program's data and its control flow. Soft boundaries can be deployed either independently or in conjunction with previous separation schemes to further bolster separation.