The security of static typing with dynamic linking
Proceedings of the 4th ACM conference on Computer and communications security
From system F to typed assembly language
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Javalight is type-safe—definitely
POPL '98 Proceedings of the 25th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
JRes: a resource accounting interface for Java
Proceedings of the 13th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
A specification of Java loading and bytecode verification
CCS '98 Proceedings of the 5th ACM conference on Computer and communications security
A compositional account of the Java virtual machine
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A simple, comprehensive type system for Java bytecode subroutines
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
Dependent types in practical programming
Proceedings of the 26th ACM SIGPLAN-SIGACT symposium on Principles of programming languages
A type system for Java bytecode subroutines
ACM Transactions on Programming Languages and Systems (TOPLAS)
A formal framework for the Java bytecode language and verifier
Proceedings of the 14th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
A Unified Approach to Path Problems
Journal of the ACM (JACM)
A type system for object initialization in the Java bytecode language
ACM Transactions on Programming Languages and Systems (TOPLAS)
Dynamic semantics of java bytecode
Future Generation Computer Systems
A formal specification of Java class loading
OOPSLA '00 Proceedings of the 15th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications
Standard fixpoint iteration for Java bytecode verification
ACM Transactions on Programming Languages and Systems (TOPLAS)
A unified approach to global program optimization
POPL '73 Proceedings of the 1st annual ACM SIGACT-SIGPLAN symposium on Principles of programming languages
Java Virtual Machine Specification
Java Virtual Machine Specification
Java and the Java Virtual Machine: Definition, Verification, Validation with Cdrom
Java and the Java Virtual Machine: Definition, Verification, Validation with Cdrom
Theoretical Computer Science
Byte Code Verification for Java Smart Card Based on Model Checking
ESORICS '98 Proceedings of the 5th European Symposium on Research in Computer Security
An Abstract Model of Java Dynamic Linking and Loading
TIC '00 Selected papers from the Third International Workshop on Types in Compilation
Theoretical Computer Science - Foundations of software science and computation structures
Security and Dynamic Class Loading in Java: A Formalization
ICCL '98 Proceedings of the 1998 International Conference on Computer Languages
Introducing Microsoft .NET, Third Edition
Introducing Microsoft .NET, Third Edition
Journal of Automated Reasoning
Completeness of a Bytecode Verifier and a Certifying Java-to-JVM Compiler
Journal of Automated Reasoning
Java Bytecode Verification: Algorithms and Formalizations
Journal of Automated Reasoning
Java Security: From HotJava to Netscape and Beyond
SP '96 Proceedings of the 1996 IEEE Symposium on Security and Privacy
Formal aspects of mobile code security
Formal aspects of mobile code security
Type systems for object-oriented intermediate languages
Type systems for object-oriented intermediate languages
Java Bytecode Verification: Algorithms and Formalizations
Journal of Automated Reasoning
Non-interference for a JVM-like language
TLDI '05 Proceedings of the 2005 ACM SIGPLAN international workshop on Types in languages design and implementation
Precise Analysis of Memory Consumption using Program Logics
SEFM '05 Proceedings of the Third IEEE International Conference on Software Engineering and Formal Methods
A machine-checked model for a Java-like language, virtual machine, and compiler
ACM Transactions on Programming Languages and Systems (TOPLAS)
A static type system for JVM access control
ACM Transactions on Programming Languages and Systems (TOPLAS)
Reasoning about safety properties in a JVM-like environment
Science of Computer Programming
A proof theory for machine code
ACM Transactions on Programming Languages and Systems (TOPLAS)
Ilea: inter-language analysis across java and c
Proceedings of the 22nd annual ACM SIGPLAN conference on Object-oriented programming systems and applications
Java bytecode verification via static single assignment form
ACM Transactions on Programming Languages and Systems (TOPLAS)
Design of a remote controlled caching proxy system: architecture, algorithm and implementation
TELE-INFO'05 Proceedings of the 4th WSEAS International Conference on Telecommunications and Informatics
Towards proving type safety of .NET CIL
Science of Computer Programming
Computing Stack Maps with Interfaces
ECOOP '08 Proceedings of the 22nd European conference on Object-Oriented Programming
An empirical security study of the native code in the JDK
SS'08 Proceedings of the 17th conference on Security symposium
Kleene Algebra and Bytecode Verification
Electronic Notes in Theoretical Computer Science (ENTCS)
Mnemonics: type-safe bytecode generation at run time
Proceedings of the 2010 ACM SIGPLAN workshop on Partial evaluation and program manipulation
Enforcing secure object initialization in java
ESORICS'10 Proceedings of the 15th European conference on Research in computer security
JNI light: an operational model for the core JNI
APLAS'10 Proceedings of the 8th Asian conference on Programming languages and systems
Mnemonics: type-safe bytecode generation at run time
Higher-Order and Symbolic Computation
Formal methods for smartcard security
Foundations of Security Analysis and Design III
Modeling the Java Bytecode Verifier
Science of Computer Programming
| Hi-index | 0.00 |
The Java Virtual Machine executes bytecode programs that may have been sent from other, possibly untrusted, locations on the network. Since the transmitted code may be written by a malicious party or corrupted during network transmission, the Java Virtual Machine contains a bytecode verifier to check the code for type errors before it is run. As illustrated by reported attacks on Java run-time systems, the verifier is essential for system security. However, no formal specification of the bytecode verifier exists in the Java Virtual Machine Specification published by Sun. In this paper, we develop such a specification in the form of a type system for a subset of the bytecode language. The subset includes classes, interfaces, constructors, methods, exceptions, and bytecode subroutines. We also present a type checking algorithm and prototype bytecode verifier implementation, and we conclude by discussing other applications of this work. For example, we show how to extend our formal system to check other program properties, such as the correct use of object locks.