Although mobile code systems typically employ link-time code verifiers to protect host computers from potentially malicious code, implementation flaws in the verifiers may still leave the host system vulnerable to attack. Compounding the inherent complexity of the verification algorithms themselves, the need to support lazy, dynamic linking in mobile code systems typically leads to architectures that exhibit strong interdependencies between the loader, the verifier, and the linker. To simplify verifier construction and provide improved assurances of verifier integrity, we propose a modular architecture based on the concept of proof linking. This architecture encapsulates the verification process and removes dependencies between the loader, the verifier, and the linker. We also formally model the process of proof linking and establish properties to which correct implementations must conform. As an example, we instantiate our architecture for the problem of Java bytecode verification and assess the correctness of this instantiation. Finally, we briefly discuss alternative mobile code verification architectures enabled by the proof-linking concept.