by Nimisha V. Mehta, Nimisha V. Mehta
http://www.lcs.mit.edu/publications/pubs/pdf/MIT-LCS-TR-713.pdf
Add To MetaCart
Abstract:
The use of the internet has increased extensively with a growing number of inexperienced users surfing the Web. Lurking in Web pages, Java applets are automatically executed on users ’ machines. As a result, popular Web browsers are understandably conservative on what they allow Java applets to do. However, this places a heavy restriction on applets which drastically limits their capabilities. Therefore, we have developed a constraint language in which naive users can specify their fine-grained control over applets without needing to know the the intricacies of applet security. We have written an implementation of the Java Security Manager built into Sun’s AppletViewer to demonstrate the feasability of this approach, addressing the many security issues that arise when opening the operating system to the public domain. This involves maintaining a log of applets ’ past accesses to determine the allowability of their future accesses, along with an account of which applets ‘own ’ which files.
Citations
|
811
|
Proof-Carrying Code
– Necula
- 1997
|
|
178
|
Java Security: From HotJava to Netscape and Beyond
– Dean, Felten, et al.
- 1996
|
|
120
|
Functional Requirements for Uniform Resource Names
– Sollins, Masinter
- 1994
|
|
20
|
Building systems that flexibly control downloaded executable content
– Jaeger, Rubin, et al.
- 1996
|
|
12
|
Low Level Security
– Yellin
- 1995
|
|
11
|
Exploring Java. O'Reilly & Associates
– Niemeyer, Peck
- 1996
|
|
10
|
et al. A Fast File System for UNIX
– McKusick
- 1984
|
|
9
|
Improving the security of your site by breaking into it
– Farmer, Venema
- 1995
|
|
5
|
HotJava: The security story
– Microsystems, Inc
- 1995
|
|
4
|
UNIX Password Security
– Belgers
- 1993
|
|
4
|
Improving the Security of Your UNIX
– Curry
- 1990
|
|
4
|
Web Growth Summary
– Gray
- 1996
|
|
3
|
On the Security of
– Ritchie
- 1979
|
|
2
|
et al. Implementing Internet Security
– Cooper
- 1995
|
|
2
|
Frequently Asked Questions - Applet Security
– JavaSoft, Inc
- 1997
|
|
2
|
Associates/Trish Information Services, Defining the Internet Opportunity: Internet Usage
– O’Reilly
- 1995
|
|
1
|
Business Week/Harris Poll: A Census in Cyberspace
– Week
- 1997
|
|
1
|
Security Article Extracts Legalities
– Garfinkel
- 1987
|
|
1
|
HotJava Browser 1.0 Users Guide. doc:/UsersGuide/applet_security.html
– Micosystems, Inc
- 1998
|
|
1
|
Secure Computing with Java: Now and the Future, April 28
– Microsystems
- 1997
|
|
1
|
Viet, Mocha Decompiler, Version 1(Beta
– van
- 1996
|
