Skip to main content
Article thumbnail
Location of Repository

Saving the world from bad Beans: Deployment-time confinement checking

By Dave Clarke

Abstract

The Enterprise JavaBeans (EJB) framework requires developers to preserve architectural integrity constraints when writing EJB components. Breaking these constraints allows components to violate the transaction protocol, bypass security mechanisms, disable object persistence, and be susceptible to malicious attacks from other EJBs. We present an object confinement discipline that allows static verification of components ’ integrity as they are deployed into an EJB server. The confinement rules are simple for developers to understand, require no annotation to the code of EJB components, and can be efficiently enforced in existing EJB servers

Topics: Languages, Verification, Reliability Keywords Enterprise JavaBeans, Confinement, Deployment Tools
Publisher: ACM Press
Year: 2003
OAI identifier: oai:CiteSeerX.psu:10.1.1.135.3444
Provided by: CiteSeerX
Download PDF:
Sorry, we are unable to provide the full text but you may find it at the following location(s):
  • http://citeseerx.ist.psu.edu/v... (external link)
  • http://www.mcs.vuw.ac.nz/~kjx/... (external link)
  • Suggested articles


    To submit an update or takedown request for this paper, please submit an Update/Correction/Removal Request.