27 citations found. Retrieving documents...
X. Leroy, Java Byte-Code Verification: an Overview, In G. Berry, H. Comon, and A. Finkel, editors, Computer Aided Verification, CAV 2001.

 Home/Search   Document Details and Download   Summary   Related Articles   Check  

This paper is cited in the following contexts:
Compositional Verification of Secure Applet Interactions - Barthe, Gurov, Huisman (2002)   (1 citation)  (Correct)

....that are preserved when new software is loaded. In particular, this is true for security properties such as confidentiality and integrity. These problems can be tackled by enforcing the desired properties through strict local security checks, as is done e.g. in bytecode verification, see e.g. [13], or in type systems for information flow, see e.g. 17] However, this requires focusing on a very restricted set of properties, that excludes many useful global properties. Open platforms for smartcards New generation smartcards such as JavaCards are open platforms that support multiple ....

X. Leroy. Java bytecode verification: an overview. In G. Berry, H. Comon, and A. Finkel, editors, Proceedings of CAV'01, number 2102 in LNCS, pages 265--285. Springer, 2001.

CardS4: Modal Theorem Proving on Java Smartcards - Goré, Nguyèn   (Correct)

....is that the simplified verifier is actually able to run on a standard Java card, despite the severe restrictions on memory resources on cards. The basic intuitions behind this technique, as well as a lucid account of problems and solutions for bytecode verification, can be found in Leroy s paper [Ler01]. The second problem with bytecode verification is that it only addresses low level issues: typing, stack overflows, notably. It does not address any less trivial security issue such as the transitive flows mentioned earlier, for example. There is still little work on methods for checking more ....

X. Leroy. Java bytecode verification: an overview. Proceedings of 13th International Conference on Computer-Aided Verification, pages 265--285. Springer-Verlag lecture notes in computer science 2102. G. Berry, H. Comon, A. Finkel eds., 2001.

A Hoare Logic for Monitors in Java - Abraham, de Boer, de Roever, Steffen   (Correct)

....real life applications and languages made it more acceptable, and last not least the array of non trivial language features made it challenging and interesting. Thus Java o#ered a rich field for formal studies, ranging from formal semantics [38, 6] over bytecode verification and static analysis [27] to model checking [19] As far as proof systems and verification support for object oriented programs is concerned, research mostly concentrated on sequential languages resp. sequential subsets of Java. For instance, Poetzsch He#ter and Muller [35, 33, 32, 34] develop a Hoare style programming ....

X. Leroy. Java bytecode verification: An overview. In G. Berry, H. Comon, and A. Finkel, editors, Proceedings of CAV '01, volume 2102 of Lecture Notes in Computer Science, pages 265--285. Springer-Verlag, 2001.

Contrôle Des Ressources Dans Les Cartes à.. - Galland, al. (2002)   (Correct)

....Dans les deux cas, les informations issues de la validation statique vont servir piloter l ordonnanceur. Conclusion Nous souhaitons dvelopper le contrle et la gestion mmoire afin de lutter contre les attaques en dni 6. Parmi les conclusions des travaux de Gilles Grimaud [16] et Xavier Leroy [25]. 7. Resource Control Real Time. 8. Escape Analysis. de service. Nous proposons une solution de validation statique afin de mieux piloter l ordonnanceur. Ce dveloppement s inscrit dans la philosophie Camille : chargement d extensions systme scurises. Cette analyse de code statique sera ....

LEROY, X. Java bytecode verification: an overview. In the 13 Conference on Computer Aided Ferification (CAV'2001.

Controle Des Ressources Dans Les Cartes a Microprocesseur - Galland, Deville.. (2002)   (Correct)

....Dans les deux cas, les informations issues de la validation statique vont servir h piloter l ordonnancemc. Conclusion Nous souhaitons d6velopper le contr61e et la gestion m6moire afin de lutter contre les attaques en d6ni 6. Parmi les conclusions des travaux de Gilles Grimaud [16] et Xavier Leroy [25]. 7. Resource Control Real Time. 8. Escape Analysis. de service. Nous proposons une solution de validation statique afin de mieux piloter l ordonnanceur. Ce d6veloppement s inscrit dans la philosophie Camille: chargement d extensions systbme s6curises. Cette analyse de code statique sera ....

LEROY, X. Java bytecode verification: an overview. In the 13 th Conference on Computer Aided Ferification (CAV'2001.

Building an "impossible" verifier on a Java Card - Deville, Grimaud   (Correct)

....each method of an application. The aim is to statically check that the control flow and data flow do not generate errors (underflow or overflow of the stack, variable used with invalid type, This algorithm is called type inference and its concepts were first introduced in [10] The paper [11] gives an overview of the whole Java verification process. Java Card Virtual Machine (JCVM [3] is a stack based machine that uses particular registers named local variables. The Java specification [14] imposes some constraints on the byte code generated by compilers so that it can be verified. ....

X. Leroy. Java bytecode verification : an overview. In Computer Aided Verification, 2001.

Verified Bytecode Model Checkers - Basin, Friedrich, Gawkowski (2002)   (5 citations)  (Correct)

....verifier or more generally Kildall algorithm, which was analyzed by Nipkow) or one such type per subroutine to each control point. In contrast, polyvariant analysis allows multiple program state types per control point, depending on the number of control flow paths that lead to this control point [9]. In the formalization of Pusch and Nipkow [15, 11] monovariant data flow analysis is used, which is adequate since they do not consider subroutines and interfaces. In our approach, we use model checking, which performs a polyvariant data flow analysis. The result is not only that we can base our ....

X. Leroy. Java Bytecode Verification: An Overview. In G. Berry, H. Comon, and A. Finkel, editors. CAV 2001, LNCS, pages 265-285. Springer-Verlag, 2001.

Bytecode Model Checking: An Experimental Analysis - Basin, Friedrich, Gawkowski, .. (2002)   (3 citations)  (Correct)

....model checkers. Our system is freely available for such benchmarking purposes. Related Work The widespread use of Java and the lack of formal treatment originally given in [7] have motivated considerable research. A number of di#erent approaches have been proposed for type checking bytecode and [6] contains an excellent overview of the area. Most of this work is theoretically oriented and is concerned with formalizing the JVM [2] and defining related type systems [3, 12, 13, 17] There has also been considerable work on formally proving the soundness of various approaches or verifying ....

....points where the calling contexts (the stack and the register values not used by the subroutine) of di#erent execution paths can be incompatible. This results in non trivial complications; solutions include structural restrictions on bytecode (Sun s approach) and polyvariant dataflow analysis [6]. It is an open question which solution is best. The polyvariant approach seems more elegant but has a time complexity that is exponential in the depth of subroutine nesting. Model checking approach. In our approach we also abstract a method to a state transition system. However, instead of ....

[Article contains additional citation context not shown here]

X. Leroy. Java bytecode verification: An overview. In Computer Aided Verification, 13th International Conference, volume

Compositional Verification of Secure Applet Interactions - Barthe, Gurov, Huisman (2002)   (1 citation)  (Correct)

....that are preserved when new software is loaded. This is particularly true for security properties such as confidentiality and integrity. These problems can be tackled by enforcing the desired properties through strict local security checks, as is done e.g. in bytecode verification, see e.g. [12], or in type systems for information flow, see e.g. 16] However, this requires focusing on a very restricted set of properties, that excludes many useful global properties. Open platforms for smartcards New generation smartcards such as JavaCards are open platforms that support multiple ....

X. Leroy. Java bytecode verification: an overview. In G. Berry, H. Comon, and A. Finkel, editors, Proceedings of CAV'01, number 2102 in LNCS, pages 265--285. Springer, 2001.

Bytecode verification on Java smart cards - Leroy (2002)   (18 citations)  Self-citation (Leroy)   (Correct)

....belong to subroutines, and match them with the corresponding JSR and RET instructions. During verification, the results of this analysis are used to type check JSR and RET instructions in a polymorphic way. See [26, 23, 25] for formalizations of this approach. Alternate approaches are described in [11, 19, 13]. All these complications (and potential security holes) disappear in our bytecode verification algorithm: since it ensures that a register has the same type throughout the method code, it ensures that the whole method code, including subroutines, is monomorphic with respect to the types of all ....

....model checking of a type level abstract interpretation of a defensive Java virtual machine. It trivializes the problem with polymorphic subroutines and exceptions, but is very expensive (time and space exponential in the size of the method code) thus is not suited to on card implementation. Leroy [13] describes a less expensive variant of this approach, based on polyvariant verification of subroutines. 7 CONCLUSIONS The approach described in this article o# card code transformations to simplify the bytecode verification process leads to a novel bytecode verification algorithm that is ....

Leroy X. Java bytecode verification: an overview. In Computer Aided Verification, CAV 2001.

Trading-Off Type-Inference Memory Complexity against .. - Hyppönen, Naccache, ..   (Correct)

No context found.

X. Leroy, Java Byte-Code Verification: an Overview, In G. Berry, H. Comon, and A. Finkel, editors, Computer Aided Verification, CAV 2001.

Applet Verification Strategies for RAM-Constrained Devices - Maltesson, al. (2003)   (Correct)

No context found.

X. Leroy, Java Byte-Code Verification: an Overview, In G. Berry, H. Comon, and A. Finkel, editors, Computer Aided Verification, CAV 2001, volume 2102 of Lecture Notes in Computer Science, pp. 265-285, Springer-Verlag, 2001.

Reducing the Memory Complexity of Type-Inference Algorithms - Naccache, al. (2002)   (Correct)

No context found.

X. Leroy, Java Byte-Code Verification: an Overview, In G. Berry, H. Comon, and A. Finkel, editors, Computer Aided Verification, CAV 2001, volume 2102 of Lecture Notes in Computer Science, pp. 265-285, Springer-Verlag, 2001.

Checking Secure Information Flow in Java Bytecode.. - Bernardeschi, De..   (Correct)

No context found.

X. Leroy. Java bytecode verification: an overview. In 13th International Conference on Computer Aided Verification, LNCS 2102, Proceedings, pages 265-- 285, July 2001.

Trading-Off Type-Inference Memory Complexity against .. - Hyppönen, Naccache, .. (2003)   (Correct)

No context found.

X. Leroy, Java Byte-Code Verification: an Overview, In G. Berry, H. Comon, and A. Finkel, editors, Computer Aided Verification, CAV 2001, volume 2102 of Lecture Notes in Computer Science, pp. 265-285, Springer-Verlag, 2001.

Trading-Off Type-Inference Memory Complexity against .. - Hyppönen, Naccache, ..   (Correct)

No context found.

X. Leroy, Java Byte-Code Verification: an Overview, In G. Berry, H. Comon, and A. Finkel, editors, Computer Aided Verification, CAV 2001.

Verified Bytecode Subroutines - Klein, Wildmoser (2003)   (5 citations)  (Correct)

No context found.

X. Leroy. Java bytecode verification: an overview. In G. Berry, H. Comon, and A. Finkel, editors, Computer Aided Verification, CAV 2001, volume 2102 of Lecture Notes in Computer Science, pages 265--285. Springer, 2001.

A Type System for the Java Bytecode Language and Verifier - Freund, Mitchell (2003)   (1 citation)  (Correct)

No context found.

Leroy, X.: Java bytecode verification: An overview, in CAV 01: Computer Aided Verification, 2001, pp. 265--285.

Computer Security from a Programming Language and Static Analysis.. - Leroy   (Correct)

No context found.

Xavier Leroy. Java bytecode verification: an overview. In G. Berry, H. Comon, and A. Finkel, editors, Computer Aided Verification, CAV 2001, volume 2102 of Lecture Notes in Computer Science, pages 265--285. Springer-Verlag, 2001.

Verified Bytecode Verification and Type-Certifying Compilation - Klein, Strecker (2003)   (1 citation)  (Correct)

No context found.

Xavier Leroy. Java bytecode verification: an overview. In G. Berry, H. Comon, and A. Finkel, editors, Computer Aided Verification, CAV'01, volume 2102 of Lecture Notes in Computer Science, pages 265-- 285. Springer Verlag, 2001.

Trading-Off Type-Inference Memory Complexity against .. - Hyppönen, Naccache, .. (2003)   (Correct)

No context found.

X. Leroy, Java Byte-Code Verification: an Overview, In G. Berry, H. Comon, and A. Finkel, editors, Computer Aided Verification, CAV 2001, volume 2102 of Lecture Notes in Computer Science, pp. 265-285, Springer-Verlag, 2001.

Reducing the Memory Complexity of Type-Inference Algorithms - Naccache, al. (2002)   (Correct)

No context found.

X. Leroy, Java Byte-Code Verification: an Overview, In G. Berry, H. Comon, and A. Finkel, editors, Computer Aided Verification, CAV 2001, volume 2102 of Lecture Notes in Computer Science, pp. 265-285, Springer-Verlag, 2001.

Applet Verification Strategies for RAM-Constrained Devices - Maltesson, al. (2003)   (Correct)

No context found.

X. Leroy, Java Byte-Code Verification: an Overview, In G. Berry, H. Comon, and A. Finkel, editors, Computer Aided Verification, CAV 2001, volume 2102 of Lecture Notes in Computer Science, pp. 265-285, Springer-Verlag, 2001.

Verified Bytecode Subroutines - Klein, Wildmoser (2003)   (5 citations)  (Correct)

No context found.

Leroy, X.: 2001, `Java bytecode verification: an overview'. In: G. Berry, H. Comon, and A. Finkel (eds.): Computer Aided Verification, CAV 2001, Vol. 2102 of Lecture Notes in Computer Science. pp. 265--285.

Bytecode Verification by Model Checking - Basin, Friedrich, Gawkowski (2003)   (1 citation)  (Correct)

No context found.

Leroy, X.: 2001, `Java Bytecode Verification: An Overview'. In: G. Berry, H. Comon, and A. Finkel (eds.): Computer Aided Verification, 13th International Conference, CAV 2001, Vol. 2102 of LNCS. pp. 265--285.

Simple Verification Technique for Complex Java Bytecode Subroutines - Coglio (2002)   (10 citations)  (Correct)

No context found.

Xavier Leroy. Java bytecode verification: An overview. In Proc. 13th Conference on Computer Aided Verification (CAV'01), volume 2102 of Lecture Notes in Computer Science, pages 265--285. Springer, July 2001.

Improving the official specification of Java bytecode verification - Coglio (2003)   (1 citation)  (Correct)

No context found.

Leroy X. Java bytecode verification: An overview. Proceedings of the 13th Conference on Computer Aided Verification (CAV'01) (Lecture Notes in Computer Science, vol. 2102). Springer: Berlin, 2001; 265--285.

Online articles have much greater impact   More about CiteSeer.IST   Add search form to your site   Submit documents   Feedback  

CiteSeer.IST - Copyright Penn State and NEC