Download now Free registration required
Many modern software platforms today, including browsers, middleware server architectures, cell phone operating systems, web application engines, support third-party software extensions. This paper proposes InvisiType, an object-oriented approach that enables platform developers to efficiently enforce fine-grained safety checks on third-party extensions without requiring their cooperation. This allows people to harness the true power of third-party software by giving it access to sensitive data while ensuring that it does not leak data. In this approach, a platform developer encapsulates all safety checks in a policy class and selectively subjects objects at risk to these policies.
- Format: PDF
- Size: 376 KB