Abstract
Java is one of the most famous mobile code systems, and its components can be dynamically downloaded from the other computers over the internet. Because such downloaded components are not always reliable, behaviors of each component are restricted according to the application’s policy. However, it is not so easy for the application users or developers to decide the suitable policy. In this paper, we introduce a tool for generating and checking the security policies for Java application. As we deploy Java components spatially on a window of our tool, we can check which component can be executed or not with respect to a set of security policies. In addition, our tool can generate the minimal set of policies to execute all the deployed components.
The updated original online version for this book can be found at DOI: 10.1007/978-0-387-35614-3_21
Chapter PDF
Similar content being viewed by others
References
Tommy Thorn. Programming languages for mobile code. ACM Computing Surveys, 29 (3): 213–239, Sep. 1997.
Sun Microsystems, Inc. Java Security Architecture (JDK1.2), Oct. 1998. Version 1. 0.
Drew Dean, Edward W. Felten, and Dan S. Wallach. Java Security: From HotJava to Netscape and Beyond. In Proceedings 1996 IEEE Symposium on Security and Privacy, pages 190–200, May 1996.
Vincent Tam and Rakesh K. Gupta. Using Class Decompilers to Facilitate the security of Java Application. In WISE’00 proceedings. IEEE, 2000.
T. Jensen, D. Le Metayer, and T. Thorn. Security and Dynamic Class Loading in Java: A Formalization. In Proceedings of International Conference on Computer Languages, pages 4–15, May 1998.
Ponder homepage. http://www-dse.doc.ic.ac.uk/Research/policies/ ponder.html.
Haruhiko Kaiya and Kenji Kaijiri. Specifying Runtime Environments and Functionalities of Downloadable Components under the Sandbox Model. In International Symposium on Principles of Software Evolution,pages 138–142, Kanazawa, Japan, Nov. 2000 IEEE Computer Society Press.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2002 IFIP International Federation for Information Processing
About this chapter
Cite this chapter
Kaiya, H., Furukawa, H., Kaijiri, K. (2002). Security Policy Checker and Generator for Java Mobile Codes. In: Rolland, C., Brinkkemper, S., Saeki, M. (eds) Engineering Information Systems in the Internet Context. IFIP — The International Federation for Information Processing, vol 103. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35614-3_15
Download citation
DOI: https://doi.org/10.1007/978-0-387-35614-3_15
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-5149-9
Online ISBN: 978-0-387-35614-3
eBook Packages: Springer Book Archive