Proof Linking: Progress Report and Research Proposal (2002)
Philip W. L. Fong



View or download:
cs.sfu.ca/~pwfong/...CMPTTR200212.ps
From:  cs.sfu.ca/~pwfong/personal/Pub...

Abstract: This report presents a critical rethinking of the Java security architecture from the perspective of a software engineer. In existing commercial implementations of the Java Virtual Machine, there is a tight coupling between the dynamic linking process and the bytecode verifier. This leads to delocalized and interleaving program plans, making the verifier difficult to maintain and comprehend. A modular mobile code verification architecture, called Proof Linking, is proposed. By establishing...

BibTeX entry:

@misc{ pwfong-proof,
  author = "Philip Fong",
  title = "Proof Linking: Progress Report and Research Proposal",
  url = "citeseer.ist.psu.edu/fong02proof.html" }