Trishul: A Policy Enforcement Architecture for Java Virtual Machines
Source: Vrije Universiteit
The standard Java execution environment provides only primitive support for specifying and enforcing access control policies both at the stack and method call level as well as the higher application level. The current implementation also falls short of providing a secure execution environment for Java applications because of its inability to trace information flow within the environment. This paper presents the design and implementation of Trishul, a modular information flow control based policy enforcement framework for the Java Virtual Machine. A flexible and powerful language to implement Trishul's policy decision engine is also presented.