乐胖代购免代理版

{"id":"https://openalex.org/W2688711791","doi":"https://doi.org/10.1109/sp.2017.16","title":"Hardening Java\u2019s Access Control by Abolishing Implicit Privilege Elevation","display_name":"Hardening Java\u2019s Access Control by Abolishing Implicit Privilege Elevation","publication_year":2017,"publication_date":"2017-05-01","ids":{"openalex":"https://openalex.org/W2688711791","doi":"https://doi.org/10.1109/sp.2017.16","mag":"2688711791"},"language":"en","primary_location":{"is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp.2017.16","pdf_url":null,"source":{"id":"https://openalex.org/S4363606603","display_name":"2022 IEEE Symposium on Security and Privacy (SP)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false},"type":"article","type_crossref":"proceedings-article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5002208253","display_name":"Philipp Holzinger","orcid":"https://orcid.org/0000-0002-2912-0650"},"institutions":[{"id":"https://openalex.org/I4210133470","display_name":"Fraunhofer Institute for Secure Information Technology","ror":"https://ror.org/03qt2gs44","country_code":"DE","type":"facility","lineage":["https://openalex.org/I4210133470","https://openalex.org/I4923324"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Philipp Holzinger","raw_affiliation_strings":["Fraunhofer SIT"],"affiliations":[{"raw_affiliation_string":"Fraunhofer SIT","institution_ids":["https://openalex.org/I4210133470"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5027995789","display_name":"Ben Hermann","orcid":"https://orcid.org/0000-0001-9848-2017"},"institutions":[{"id":"https://openalex.org/I31512782","display_name":"Technical University of Darmstadt","ror":"https://ror.org/05n911h24","country_code":"DE","type":"education","lineage":["https://openalex.org/I31512782"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Ben Hermann","raw_affiliation_strings":["Technische Universit\u00e4t Darmstadt"],"affiliations":[{"raw_affiliation_string":"Technische Universit\u00e4t Darmstadt","institution_ids":["https://openalex.org/I31512782"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5016710902","display_name":"Johannes Lerch","orcid":null},"institutions":[{"id":"https://openalex.org/I31512782","display_name":"Technical University of Darmstadt","ror":"https://ror.org/05n911h24","country_code":"DE","type":"education","lineage":["https://openalex.org/I31512782"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Johannes Lerch","raw_affiliation_strings":["Technische Universit\u00e4t Darmstadt"],"affiliations":[{"raw_affiliation_string":"Technische Universit\u00e4t Darmstadt","institution_ids":["https://openalex.org/I31512782"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5076678278","display_name":"Eric Bodden","orcid":"https://orcid.org/0000-0003-3470-3647"},"institutions":[{"id":"https://openalex.org/I4210093498","display_name":"Fraunhofer Institute for Mechatronic Systems Design","ror":"https://ror.org/004nttc42","country_code":"DE","type":"facility","lineage":["https://openalex.org/I4210093498","https://openalex.org/I4923324"]},{"id":"https://openalex.org/I206945453","display_name":"Paderborn University","ror":"https://ror.org/058kzsd48","country_code":"DE","type":"education","lineage":["https://openalex.org/I206945453"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Eric Bodden","raw_affiliation_strings":["Fraunhofer IEM & Paderborn University"],"affiliations":[{"raw_affiliation_string":"Fraunhofer IEM & Paderborn University","institution_ids":["https://openalex.org/I4210093498","https://openalex.org/I206945453"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5078067853","display_name":"Mira Mezini","orcid":"https://orcid.org/0000-0001-6563-7537"},"institutions":[{"id":"https://openalex.org/I4210093498","display_name":"Fraunhofer Institute for Mechatronic Systems Design","ror":"https://ror.org/004nttc42","country_code":"DE","type":"facility","lineage":["https://openalex.org/I4210093498","https://openalex.org/I4923324"]},{"id":"https://openalex.org/I206945453","display_name":"Paderborn University","ror":"https://ror.org/058kzsd48","country_code":"DE","type":"education","lineage":["https://openalex.org/I206945453"]}],"countries":["DE"],"is_corresponding":false,"raw_author_name":"Mira Mezini","raw_affiliation_strings":["Fraunhofer IEM & Paderborn University"],"affiliations":[{"raw_affiliation_string":"Fraunhofer IEM & Paderborn University","institution_ids":["https://openalex.org/I4210093498","https://openalex.org/I206945453"]}]}],"institution_assertions":[],"countries_distinct_count":1,"institutions_distinct_count":4,"corresponding_author_ids":[],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":0.228,"has_fulltext":true,"fulltext_origin":"ngrams","cited_by_count":12,"citation_normalized_percentile":{"value":0.794741,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":86,"max":87},"biblio":{"volume":null,"issue":null,"first_page":"1027","last_page":"1040"},"is_retracted":false,"is_paratext":false,"primary_topic":{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.9998,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9945,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10126","display_name":"Logic, programming, and type systems","score":0.9855,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/implementation","display_name":"Implementation","score":0.49387962},{"id":"https://openalex.org/keywords/code","display_name":"Code (set theory)","score":0.4357587}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8556479},{"id":"https://openalex.org/C548217200","wikidata":"https://www.wikidata.org/wiki/Q251","display_name":"Java","level":2,"score":0.7996161},{"id":"https://openalex.org/C26713055","wikidata":"https://www.wikidata.org/wiki/Q245962","display_name":"Implementation","level":2,"score":0.49387962},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.4708236},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.44196346},{"id":"https://openalex.org/C2776760102","wikidata":"https://www.wikidata.org/wiki/Q5139990","display_name":"Code (set theory)","level":3,"score":0.4357587},{"id":"https://openalex.org/C164554305","wikidata":"https://www.wikidata.org/wiki/Q71550","display_name":"Application server","level":2,"score":0.41789448},{"id":"https://openalex.org/C199360897","wikidata":"https://www.wikidata.org/wiki/Q9143","display_name":"Programming language","level":1,"score":0.40849844},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.39476112},{"id":"https://openalex.org/C177264268","wikidata":"https://www.wikidata.org/wiki/Q1514741","display_name":"Set (abstract data type)","level":2,"score":0.3052047}],"mesh":[],"locations_count":1,"locations":[{"is_oa":false,"landing_page_url":"https://doi.org/10.1109/sp.2017.16","pdf_url":null,"source":{"id":"https://openalex.org/S4363606603","display_name":"2022 IEEE Symposium on Security and Privacy (SP)","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"conference"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false}],"best_oa_location":null,"sustainable_development_goals":[{"display_name":"Peace, justice, and strong institutions","id":"https://metadata.un.org/sdg/16","score":0.81}],"grants":[],"datasets":[],"versions":[],"referenced_works_count":25,"referenced_works":["https://openalex.org/W1533718058","https://openalex.org/W1888344413","https://openalex.org/W1915915253","https://openalex.org/W1982740925","https://openalex.org/W1991206705","https://openalex.org/W2002288020","https://openalex.org/W2016696108","https://openalex.org/W2031954586","https://openalex.org/W2046970568","https://openalex.org/W2056073317","https://openalex.org/W2075849836","https://openalex.org/W2076628122","https://openalex.org/W2086014732","https://openalex.org/W2096230959","https://openalex.org/W2097457752","https://openalex.org/W2107370049","https://openalex.org/W2128656438","https://openalex.org/W2135849267","https://openalex.org/W2143150127","https://openalex.org/W2147221906","https://openalex.org/W2158591033","https://openalex.org/W2166091242","https://openalex.org/W2471005372","https://openalex.org/W2534728012","https://openalex.org/W3142620952"],"related_works":["https://openalex.org/W797688974","https://openalex.org/W4238532390","https://openalex.org/W3015486830","https://openalex.org/W2977179488","https://openalex.org/W2961779879","https://openalex.org/W2905764256","https://openalex.org/W2188872161","https://openalex.org/W2144453115","https://openalex.org/W2128223750","https://openalex.org/W2120447654"],"abstract_inverted_index":{"While":[0],"the":[1,26,44,48,85,108,156,178,183,190,203],"Java":[2,31,82,157],"runtime":[3,109],"is":[4],"installed":[5],"on":[6],"billions":[7],"of":[8,28,38,65,75,87,107,155,172,192,205,220,233],"devices":[9],"and":[10,77,136,144,164,200,216],"servers":[11],"worldwide,":[12],"it":[13,101],"remains":[14],"a":[15,152,168,218,230],"primary":[16],"attack":[17],"vector":[18],"for":[19,43,73,97,105],"online":[20],"criminals.":[21],"As":[22,52,90,175],"recent":[23],"studies":[24,47],"show,":[25,92,177],"majority":[27],"all":[29,102],"exploited":[30],"vulnerabilities":[32,114,195],"comprise":[33],"incorrect":[34],"or":[35],"insufficient":[36],"implementations":[37],"access-control":[39],"checks.":[40],"This":[41],"paper":[42],"first":[45],"time":[46],"problem":[49,125],"in":[50,196],"depth.":[51],"we":[53,91,150,176],"find,":[54],"attacks":[55],"are":[56],"enabled":[57],"by":[58,116],"shortcuts":[59,163],"that":[60,224],"short-circuit":[61],"Java's":[62,131],"general":[63],"principle":[64],"stack-based":[66,234],"access":[67,132,235],"control.":[68],"These":[69],"shortcuts,":[70,135],"originally":[71],"introduced":[72],"ease":[74],"use":[76],"to":[78,83,110,167],"improve":[79],"performance,":[80],"cause":[81],"elevate":[84],"privileges":[86],"code":[88],"implicitly.":[89],"this":[93,124,140],"creates":[94],"many":[95],"pitfalls":[96],"software":[98],"maintenance,":[99],"making":[100],"too":[103],"easy":[104],"maintainers":[106],"introduce":[111],"blatant":[112],"confused-deputy":[113,194],"even":[115],"just":[117],"applying":[118],"normally":[119],"semantics-preserving":[120],"refactorings.":[121],"How":[122],"can":[123],"be":[126],"solved?":[127],"Can":[128],"one":[129],"implement":[130],"control":[133,236],"without":[134],"if":[137],"so,":[138],"does":[139],"implementation":[141,232],"remain":[142],"usable":[143],"efficient?":[145],"To":[146],"answer":[147],"those":[148],"questions,":[149],"conducted":[151],"tool-assisted":[153],"adaptation":[154],"Class":[158],"Library":[159],"(JCL),":[160],"avoiding":[161],"(most)":[162],"therefore":[165],"moving":[166],"fully":[169],"explicit":[170],"model":[171],"privilege":[173],"elevation.":[174],"proposed":[179],"changes":[180],"significantly":[181],"harden":[182],"JCL":[184],"against":[185],"attacks:":[186],"they":[187],"effectively":[188],"hinder":[189],"introduction":[191],"new":[193],"future":[197],"library":[198],"versions,":[199],"successfully":[201],"restrict":[202],"capabilities":[204],"attackers":[206],"when":[207],"exploiting":[208],"certain":[209],"existing":[210],"vulnerabilities.":[211],"We":[212],"discuss":[213],"usability":[214],"considerations,":[215],"through":[217],"set":[219],"large-scale":[221],"experiments":[222],"show":[223],"with":[225],"current":[226],"JVM":[227],"technology":[228],"such":[229],"faithful":[231],"induces":[237],"no":[238],"observable":[239],"performance":[240],"loss.":[241]},"cited_by_api_url":"https://api.openalex.org/works?filter=cites:W2688711791","counts_by_year":[{"year":2023,"cited_by_count":3},{"year":2022,"cited_by_count":3},{"year":2021,"cited_by_count":3},{"year":2019,"cited_by_count":1},{"year":2018,"cited_by_count":1},{"year":2017,"cited_by_count":1}],"updated_date":"2025-01-04T14:56:12.635636","created_date":"2017-06-30"}