Program fragments, linking, and modularization
Proceedings of the 24th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
The security of static typing with dynamic linking
Proceedings of the 4th ACM conference on Computer and communications security
Dynamic class loading in the Java virtual machine
Proceedings of the 13th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
A specification of Java loading and bytecode verification
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
Proof linking: an architecture for modular verification of dynamically-linked mobile code
SIGSOFT '98/FSE-6 Proceedings of the 6th ACM SIGSOFT international symposium on Foundations of software engineering
Type-safe linking and modular assembly language
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Inside Java 2 platform security architecture, API design, and implementation
Inside Java 2 platform security architecture, API design, and implementation
Standard fixpoint iteration for Java bytecode verification
ACM Transactions on Programming Languages and Systems (TOPLAS)
Java Virtual Machine Specification
Java Virtual Machine Specification
The Java Language Specification
The Java Language Specification
Security and Dynamic Class Loading in Java: A Formalization
ICCL '98 Proceedings of the 1998 International Conference on Computer Languages
Formalizing the safety of Java, the Java virtual machine, and Java card
ACM Computing Surveys (CSUR)
A conservative algorithm for computing the flow of permissions in Java programs
ISSTA '02 Proceedings of the 2002 ACM SIGSOFT international symposium on Software testing and analysis
Formalization and Analysis of Class Loading in Java
Higher-Order and Symbolic Computation
An Abstract Model of Java Dynamic Linking and Loading
TIC '00 Selected papers from the Third International Workshop on Types in Compilation
A Type System for the Java Bytecode Language and Verifier
Journal of Automated Reasoning
Protecting Java component integrity against Trojan Horse programs
Integrity and internal control in information systems V
Modeling multiple class loaders by a calculus for dynamic linking
Proceedings of the 2004 ACM symposium on Applied computing
Pluggable verification modules: an extensible protection mechanism for the JVM
OOPSLA '04 Proceedings of the 19th annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Formalising Java RMI with explicit code mobility
OOPSLA '05 Proceedings of the 20th annual ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Formalising Java RMI with explicit code mobility
Theoretical Computer Science
Flexible models for dynamic linking
ESOP'03 Proceedings of the 12th European conference on Programming
MetaKlaim: meta-programming for global computing
SAIG'01 Proceedings of the 2nd international conference on Semantics, applications, and implementation of program generation
A model of dynamic binding in .NET
CD'05 Proceedings of the Third international working conference on Component Deployment
| Hi-index | 0.00 |
The Java Virtual Machine (JVM) has a novel and powerful mechanism to support lazy, dynamic class loading according to user-definable policies. Class loading directly impacts type safety, on which the security of Java applications is based. Conceptual bugs in the loading mechanism were found in earlier versions of the JVM that lead to type violations. A deeper understanding of the class loading mechanism, through such means as formal analysis, will improve our confidence that no additional bugs are present.The work presented in this paper provides a formal specification of (the relevant aspects of) class loading in the JVM and proves its type safety. Our approach to proving type safety is different from the usual ones since classes are dynamically loaded and full type information may not be statically available. In addition, we propose an improvement in the interaction between class loading and bytecode verification, which is cleaner and enables lazier loading.