Abstract
Java Virtual Machine (JVM) code (also called bytecode) [11] can be downloaded by untrusted sources and executed directly. A component of the Java security model is the Java bytecode Verifier, which makes sure that the bytecode is safe by static analysis at loading time and prior to execution. The bytecode Verifier checks type correctness, stack overflow or underflow, code containment, registers and objects initialization, access control. The first bytecode verification algorithm is due to Gosling and Yellin. Most JVM instructions are typed and the algorithm is based on an abstract interpreter for the instructions that operates over types instead of values. Almost all existing Verifiers implement this algorithm [4,11,12].
This work was partly supported by the Italian “Fondazione Cassa di Risparmio di Pisa” within the project “Sviluppo di un verificatore per la sicurezza dei dati in smart card multi-applicazione”(2002-04)
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Ball, T.: What’s in a region? or computing control dependence regions in near-linear time for reducible control flow. ACM Letters on Program. Lang. Syst. 2(1-4), 1–16 (1993)
Deville, D., Grimaud, G.: Building an ”impossible” verifier on a Java Card (2002)
Apache Foundation. Jakarta project, http://jakarta.apache.org/index.html
Gosling, J.A.: Java intermediate bytecodes. In: ACM SIGPLAN Workshop on Intermediate Representations Proceedings, pp. 111–118. ACM, New York (1995)
Kildall, G.: A unified approach to global program optimization. In: Proceedings of the 1st Annual ACM Symposium on Principles of Programming Languages, pp. 194–206 (1973)
Leroy, X.: Bytecode verification for java smart card. Software Practice & Experience 32, 319–340 (2002)
Leroy, X.: Java bytecode verification: algorithms and formalizations. Journal of Automated Reasoning, To appear in the special issue on Java bytecode verification (2003)
Sun Microsystem. Java Card 2.2 Development Kit
Necula, G.C.: Proof-carrying code. In: 24th Annual Symposium on Principles of Programming Languages Proceedings, January 1997, pp. 106–119 (1997)
Rose, E., Rose, K.: Lightweight bytecode verification. In: WFUJ 1998 Proceedings (1998)
Lindholm, T., Yellin, F.: The Java virtual machine specification. Addison-Wesley Publishing Company, Reading (1996)
Yellin, F.: Low level security in java. In: 4th International World Wide Web Conference Proceedings, pp. 369–379. O’Reilly, Sebastopol (1995)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Bernardeschi, C., De Francesco, N., Martini, L. (2003). Efficient Bytecode Verification Using Immediate Postdominators in Control Flow Graphs. In: Meersman, R., Tari, Z. (eds) On The Move to Meaningful Internet Systems 2003: OTM 2003 Workshops. OTM 2003. Lecture Notes in Computer Science, vol 2889. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-39962-9_49
Download citation
DOI: https://doi.org/10.1007/978-3-540-39962-9_49
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20494-7
Online ISBN: 978-3-540-39962-9
eBook Packages: Springer Book Archive