In Components We Trust – Programming Language Support for Weak Protection

Abstract

For many reasons we trust components just to some degree. Component users apply a number of methods to improve protection against malicious components. In this paper we briefly analyze some of these concepts and their relationships to our trust in components. It turns out that weak protection methods (those with potential security holes) can be beneficial for components we partially trust especially if potential holes are clearly visible. Visible holes build a basis for extending responsibility from the component user to the component supplier.