Skip to main content
SpringerLink
Log in

Efficient Bytecode Verification Using Immediate Postdominators in Control Flow Graphs

  • Conference paper
On The Move to Meaningful Internet Systems 2003: OTM 2003 Workshops (OTM 2003)

Part of the book series: Lecture Notes in Computer Science ((LNCS,volume 2889))

Abstract

Java Virtual Machine (JVM) code (also called bytecode) [11] can be downloaded by untrusted sources and executed directly. A component of the Java security model is the Java bytecode Verifier, which makes sure that the bytecode is safe by static analysis at loading time and prior to execution. The bytecode Verifier checks type correctness, stack overflow or underflow, code containment, registers and objects initialization, access control. The first bytecode verification algorithm is due to Gosling and Yellin. Most JVM instructions are typed and the algorithm is based on an abstract interpreter for the instructions that operates over types instead of values. Almost all existing Verifiers implement this algorithm [4,11,12].

This work was partly supported by the Italian “Fondazione Cassa di Risparmio di Pisa” within the project “Sviluppo di un verificatore per la sicurezza dei dati in smart card multi-applicazione”(2002-04)

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Ball, T.: What’s in a region? or computing control dependence regions in near-linear time for reducible control flow. ACM Letters on Program. Lang. Syst. 2(1-4), 1–16 (1993)

    Article  Google Scholar 

  2. Deville, D., Grimaud, G.: Building an ”impossible” verifier on a Java Card (2002)

    Google Scholar 

  3. Apache Foundation. Jakarta project, http://jakarta.apache.org/index.html

  4. Gosling, J.A.: Java intermediate bytecodes. In: ACM SIGPLAN Workshop on Intermediate Representations Proceedings, pp. 111–118. ACM, New York (1995)

    Chapter  Google Scholar 

  5. Kildall, G.: A unified approach to global program optimization. In: Proceedings of the 1st Annual ACM Symposium on Principles of Programming Languages, pp. 194–206 (1973)

    Google Scholar 

  6. Leroy, X.: Bytecode verification for java smart card. Software Practice & Experience 32, 319–340 (2002)

    Article  MATH  Google Scholar 

  7. Leroy, X.: Java bytecode verification: algorithms and formalizations. Journal of Automated Reasoning, To appear in the special issue on Java bytecode verification (2003)

    Google Scholar 

  8. Sun Microsystem. Java Card 2.2 Development Kit

    Google Scholar 

  9. Necula, G.C.: Proof-carrying code. In: 24th Annual Symposium on Principles of Programming Languages Proceedings, January 1997, pp. 106–119 (1997)

    Google Scholar 

  10. Rose, E., Rose, K.: Lightweight bytecode verification. In: WFUJ 1998 Proceedings (1998)

    Google Scholar 

  11. Lindholm, T., Yellin, F.: The Java virtual machine specification. Addison-Wesley Publishing Company, Reading (1996)

    Google Scholar 

  12. Yellin, F.: Low level security in java. In: 4th International World Wide Web Conference Proceedings, pp. 369–379. O’Reilly, Sebastopol (1995)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Dipartimento di Ingegneria dell’Informazione, Università di Pisa, Via Diotisalvi 2, 56100, Pisa, Italy

    Cinzia Bernardeschi, Nicoletta De Francesco & Luca Martini

Authors
  1. Cinzia Bernardeschi
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Nicoletta De Francesco
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Luca Martini
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Vrije Universiteit Brussel (VUB), STARLab, Bldg G/10, Pleinlaan 2, 1050, Brussels, Belgium

    Robert Meersman

  2. School of Computer Science and Information Technology, RMIT University, Bld 10.10, 376-392 Swanston Street, VIC 3001, Melbourne, Australia

    Zahir Tari

Rights and permissions

Reprints and permissions

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Bernardeschi, C., De Francesco, N., Martini, L. (2003). Efficient Bytecode Verification Using Immediate Postdominators in Control Flow Graphs. In: Meersman, R., Tari, Z. (eds) On The Move to Meaningful Internet Systems 2003: OTM 2003 Workshops. OTM 2003. Lecture Notes in Computer Science, vol 2889. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-39962-9_49

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-39962-9_49

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-20494-7

  • Online ISBN: 978-3-540-39962-9

  • eBook Packages: Springer Book Archive

Publish with us

Policies and ethics

Search

Navigation