Using reflection as a mechanism for enforcing security policies on compiled code
Journal of Computer Security - Special issue on ESORICS 2000
Channel dependent types for higher-order mobile processes
Proceedings of the 31st ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Security challenges for enterprise Java in an e-business environment
IBM Systems Journal
FIDES: an advanced chip multiprocessor platform for secure next generation mobile terminals
CODES+ISSS '05 Proceedings of the 3rd IEEE/ACM/IFIP international conference on Hardware/software codesign and system synthesis
Automatic placement of authorization hooks in the linux security modules framework
Proceedings of the 12th ACM conference on Computer and communications security
Role-Based access control consistency validation
Proceedings of the 2006 international symposium on Software testing and analysis
Proceedings of the 43rd annual Design Automation Conference
A static type system for JVM access control
ACM Transactions on Programming Languages and Systems (TOPLAS)
Enforcing authorization policies using transactional memory introspection
Proceedings of the 15th ACM conference on Computer and communications security
Security-By-Contract for the Future Internet
Future Internet --- FIS 2008
Do You Really Mean What You Actually Enforced?
Formal Aspects in Security and Trust
A language for information flow: dynamic tracking in multiple interdependent dimensions
Proceedings of the ACM SIGPLAN Fourth Workshop on Programming Languages and Analysis for Security
Electronic Notes in Theoretical Computer Science (ENTCS)
A permission system for secure AOP
Proceedings of the 9th International Conference on Aspect-Oriented Software Development
Isolating untrusted software extensions by custom scoping rules
Computer Languages, Systems and Structures
Proceedings of the 2010 ICSE Workshop on Software Engineering for Secure Systems
Proceedings of the 3rd international conference on Security of information and networks
Proceedings of the 3rd ACM workshop on Assurable and usable security configuration
Modules as objects in newspeak
ECOOP'10 Proceedings of the 24th European conference on Object-oriented programming
Secure applications without secure infrastructures
MMM-ACNS'10 Proceedings of the 5th international conference on Mathematical methods, models and architectures for computer network security
Authorization enforcement usability case study
ESSoS'11 Proceedings of the Third international conference on Engineering secure software and systems
Proceedings of the 2011 ACM Symposium on Applied Computing
Transactions on computational science XI
Java security architecture revisited
Communications of the ACM
Java Security Architecture Revisited
Queue - Programming Languages
Maximizing utility of mobile agent based e-commerce applications with trust enhanced security
TrustBus'05 Proceedings of the Second international conference on Trust, Privacy, and Security in Digital Business
Loosely-separated “sister” namespaces in java
ECOOP'05 Proceedings of the 19th European conference on Object-Oriented Programming
Interprocedural analysis for privileged code placement and tainted variable detection
ECOOP'05 Proceedings of the 19th European conference on Object-Oriented Programming
Towards remote policy enforcement for runtime protection of mobile code using trusted computing
IWSEC'06 Proceedings of the 1st international conference on Security
Can we support applications' evolution in multi-application smart cards by security-by-contract?
WISTP'10 Proceedings of the 4th IFIP WG 11.2 international conference on Information Security Theory and Practices: security and Privacy of Pervasive Systems and Smart Devices
Use of ratings from personalized communities for trustworthy application installation
NordSec'10 Proceedings of the 15th Nordic conference on Information Security Technology for Applications
Security-by-contract: toward a semantics for digital signatures on mobile code
EuroPKI'07 Proceedings of the 4th European conference on Public Key Infrastructure: theory and practice
IWAAL'12 Proceedings of the 4th international conference on Ambient Assisted Living and Home Care
Making the java memory model safe
ACM Transactions on Programming Languages and Systems (TOPLAS)
Hi-index | 0.02 |
From the Book:Give me a lever and a fulcrum, and I can move the globe. Archimedes Since Java technology's inception, and especially its public debut in the spring of 1995, strong and growing interest has developed regarding the security of the Java platform, as well as new security issues raised by the deployment of Java technology. This level of attention to security is a fairly new phenomenon in computing history. Most new computing technologies tend to ignore security considerations when they emerge initially, and most are never made more secure thereafter. Attempts made to do so typically are not very successful, as it is now well known that retrofitting security is usually very difficult, if not impossible, and often causes backward compatibility problems. Thus it is extremely fortunate that when Java technology burst on the Internet scene, security was one of its primary design goals. Its initial security model, although very simplistic, served as a great starting place, an Archimedean fulcrum. The engineering talents and strong management team at JavaSoft are the lever; together they made Java's extensive security architecture a reality. From a technology provider's point of view, security on the Java platform focuses on two aspects. The first is to provide the Java platform, primarily through the Java Development Kit, as a secure, platform on which to run Java-enabled applications in a secure fashion. The second is to provide security tools and services implemented in the Java programming language that enable a wider range of security-sensitive applications, for example, in the enterprise world. I wrote this book with many purposes inmind. First, I wanted to equip the reader with a brief but clear understanding of the overall picture of systems and network security, especially in the context of the Internet environment within which Java technology plays a central role, and how various security technologies relate to each other. Second, I wanted to provide a comprehensive description of the current security architecture on the Java platform. This includes language features, platform APIs, security policies, and their enforcement mechanisms. Whenever appropriate, I discuss not only how a feature functions, but also why it is designed in such a way and the alternative approaches that wethe Java security development team at Sun Microsystemsexamined and rejected. When demonstrating the use of a class or its methods, I use real-world code examples whenever appropriate. Some of these examples are synthesized from the JDK 1.2 code source tree. Third, I sought to tell the reader about security deployment issues, both how an individual or an enterprise manages security and how to customize, extend, and enrich the existing security architecture. Finally, I wanted to help developers avoid programming errors by discussing a number of common mistakes and by providing tips for safe programming that can be immediately applied to ongoing projects. How This Book Is Organized This book is organized as follows: Chapter 1. A general background on computer, network, and information security Chapter 2. A review of the original Java security model, the sandbox Chapter 3. An in-depth look at the new security architecture in JDK 1.2, which is policy-driven and capable of enforcing fine-grained access controls Chapter 4. An explanation of how to deploy and utilize the new security features in JDK 1.2, including security policy management, digital certificates, and various security tools Chapter 5. A demonstration of how to customize various aspects of the security architecture, including how to move legacy security code onto the JDK 1.2 platform Chapter 6. A review of techniques to make objects secure and tips for safe programming Chapter 7. An outline of the Java cryptography architecture along with usage examples Chapter 8. A look ahead to future directions for Java security This book is primarily for serious Java programmers and for security professionals who want to understand Java security issues both from a macro (architectural) point of view as well as from a micro (design and implementation) perspective. It is also suitable for nonexperts who are concerned about Internet security as a whole, as this book clears up a number of misconceptions around Java security. Throughout this book, I assume that the reader is familiar with the fundamentals of the Java language. For those who want to learn more about that language, the book by Arnold and Gosling is a good source. This book is not a complete API specification. For such details, please refer to JDK 1.2 documentation. Acknowledgments It is a cliche to say that writing a book is not possible without the help of many others, but it is true. I am very grateful to Dick Neiss, my manager at JavaSoft, who encouraged me to write the book and regularly checked on my progress. Lisa Friendly, the Addison-Wesley Java series editor, helped by guiding me through the writing process while maintaining a constant but "friendly" pressure. The team at Addison-Wesley was tremendously helpful. I'd like particularly to thank Mike Hendrickson, Katherine Kwack, Marina Lang, Laura Michaels, Marty Rabinowitz, and Tracy Russ. They are always encouraging, kept faith in me, and rescued me whenever I encountered obstacles. This book is centered around JDK 1.2 security development, a project that lasted fully two years, during which many people inside and outside of Sun Microsystems contributed in one way or another to the design, implementation, testing, and documentation of the final product. I would like to acknowledge Dirk Balfanz, Bob Blakley, Josh Bloch, David Bowen, Gilad Bracha, David Brownell, Eric Chu, David Connelly, Mary Dageforde, Drew Dean, Satya Dodda, Michal Geva, Gadi Guy, Graham Hamilton, Mimi Hills, Larry Koved, Charlie Lai, Sheng Liang, Tim Lindholm, Jan Luehe, Gary McGraw, Marianne Mueller, Tony Nadalin, Don Neal, Jeff Nisewanger, Yu-Ching Peng, Hemma Prafullchandra, Benjamin Renaud, Roger Riggs, Jim Roskind, Nakul Saraiya, Roland Schemers, Bill Shannon, Tom van Vleck, Dan Wallach, and Frank Yellin. I also appreciate the technical guidance from James Gosling and Jim Mitchell, as well as management support from Dick Neiss, Jon Kannegaard, and Alan Baratz. I have had the pleasure of chairing the Java Security Advisory Council, and I thank the external members, Ed Felten, Peter Neumann, Jerome Saltzer, Fred Schneider, and Michael Schroeder for their participation and superb insights into all matters that relate to computer security. Isabel Cho, Lisa Friendly, Charlie Lai, Jan Luehe, Teresa Lunt, Laura Michaels, Stephen Northcutt, Peter Neumann, and a number of anonymous reviewers provided valuable comments on draft versions of this book. G. H. Hardy once said that young men should prove theorems, while old men should write books. It is now time to prove some more theorems. Li Gong Los Altos, California June 1999