Ajay Chander, John C. Mitchell  Home/Search
Context Related
| stanford.edu/dc/pap...DC003_chander.ps upenn.edu/~ishin/htmls/../...discex.pdf stanford.edu/people...DC003_chander.ps Cached: PS.gz PS PDF This document uses CoBlitz to cache paper downloads. If your firewall is blocking outgoing connections to port 3125, you can use these links to download local copies.
Image Update HelpPS.gz PS PDF From: stanford.edu/dc/pubs (more) (Enter author homepages) |
Rate this article:      (best)Comment on this article |
Abstract: Mobile code provides significant opportunities and risks. Java bytecode is used to provide executable content to web pages and is the basis for dynamic service configuration in the Jini framework. While the Java Virtual Machine includes a bytecode verifier that checks bytecode programs before execution, and a bytecode interpreter that performs run-time tests, mobile code may still behave in ways that are harmful to users. We present techniques that insert runtime tests into Java code,... (Update)
Context of citations to this paper: More
.... wrapping calls to potentially dangerous Java methods, systems by Pandey and Hashii [5] Erlingsson and Schneider [6] and Chander et al. [7] can apply desired security policies to arbitrary codelets without requiring these policies to be built directly into the Java system code,...
...of different attacks. Examples of such attacks include email forging [41] and denial of service due to continuous resource allocation [7, 41], e.g. of heap memory, files, sockets. The four scenarios that we developed implement a range of suspicious activities including...
Cited by: More
Enforcing Resource Bounds via - Static Verification Of (Correct)
RT: A Role-based Trust-management Framework - Li, Mitchell (2003) (Correct)
Detecting Malicious Java Code Using Virtual Machine Auditing - Soman, Krintz, Vigna (2003) (Correct)
Similar documents (at the sentence level):
9.4%: Java Bytecode Modification and Applet Security - Shin, Mitchell (Correct)
Active bibliography (related documents): More All
0.6: Type Evolution and Version Management in a.. - Schoettner.. (2001) (Correct)
0.5: Towards Formalizing the Java Security Architecture of JDK 1.2 - Kassab, Greenwald (1998) (Correct)
0.2: Security in Java - Salminen, Wessman (1996) (Correct)
Similar documents based on text: More All
0.4: A Type System for Object Initialization in the Java Bytecode.. - Freund, Mitchell (1998) (Correct)
0.4: A Type System for Object Initialization In the Java Bytecode.. - Freund, Mitchell (1998) (Correct)
0.3: Deconstructing Trust Management - Ajay Chander Stanford (2002) (Correct)
Related documents from co-citation: More All
6: JRes: a resource accounting interface for Java - Czajkowski, von Eicken - 1998
5: Implementing multiple protection domains in Java - Hawblitzel, Chang et al. - 1998
5: ACM Transactions on Information and System Security (context) - Rudys, Wallach et al. - 2002
BibTeX entry: (Update)
A. Chander, J. C. Mitchell, and I. Shin. Mobile code security by Java bytecode instrumentation. In 2001. http://citeseer.ist.psu.edu/chander01mobile.html More
@misc{ chander01mobile,
author = "A. Chander and J. Mitchell and I. Shin",
title = "Mobile code security by Java bytecode instrumentation",
text = "A. Chander, J. C. Mitchell, and I. Shin. Mobile code security by Java bytecode
instrumentation. In 2001.",
year = "2001",
url = "citeseer.ist.psu.edu/chander01mobile.html" }
Citations (may not include all citations):746 The Java Virtual Machine Specification (context) - Lindholm, Yellin - 1996
386 ATOM A System for Building Customized Program Analysis Tools (context) - Srivastava, Eustace - 1994
380 The Java Language Specification (context) - Gosling, Joy et al. - 1996
339 Efficient Software-Based Fault Isolation - Wahbe, Lucco et al. - 1993
171 EELMachineIndependent Executable Editing (context) - Larus, EEL et al. - 1995
136 Java Security: From Hotjava to Netscape and beyond - Dean, Felten et al.
89 A Practical System for Intermodule Code Optimization at Link.. - Srivastava, Wall - 1993
73 ATUM: A New Technique for Capturing Address Traces Using Mic.. (context) - Agarwal, Sites et al. - 1986
64 Automatic Program Transformation with JOIE - Cohen, Chase et al.
35 Web spoofing: An Internet Con Game (context) - Felten, Balfanz et al. - 1997
32 Securing Java: Getting Down to Business with Mobile Code (context) - McGraw, Felten - 2000
31 Rewriting Executable Files to Measure Program Behavior - Larus, Ball - 1994
30 Systems for late code modification - Wall - 1992
25 Instrumentation and Optimization WinIntel Executable Using E.. - Geoff, Lee et al.
24 Secure Execution of Java Applets using a Remote Playground - Malkhi, Reiter et al.
18 Blocking Java Applets at the Firewall - Jr, Rajagopalan et al.
7 Department of Computer Science (context) - Balfanz, Felten et al. - 1997
7 Sun Microsystems Computer Company (context) - Language, Paper - 1995
5 Expanding and Extending the Security Features of Java - Mehta, Sollins - 1998
3 Binary Component Adaption (context) - Keller, Holzle
2 Nelson Modula-3 language definition (context) - Cardelli, Donahue et al. - 1992
2 Security Architecture (context) - Gong - 1998
2 Safe kernel extensions with run-time checking (context) - Necula, Lee - 1996
1 Computer Systems Laboratory (context) - pixie, CSL-TR- - 1991
1 Levy Techiques for Efficient Inline Tracing on a Shared-Memo.. (context) - Eggers, Keppel et al.
http://java.sun.com/products/jdk/1.2/
http://www.rstcorp.com/hostile-applets/index.html
http://www.digital.com/
The graph only includes citing articles where the year of publication is known.
Documents on the same site (http://crypto.stanford.edu/dc/pubs.html): More
Distributed Credential Chain Discovery in Trust.. - Li, Winsborough.. (2001) (Correct)
A State-Transition Model of Trust Management and Access.. - Chander, Dean, Mitchell (2001) (Correct)
Nonmonotonicity, User Interfaces, and Risk Assessment in.. - Li, Feigenbaum (2001) (Correct)
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC