Secure execution of Java applets using a remote playground

  • Dahlia Malkhi, Michael K. Reiter
  • Published 3 May 1998
  • Computer Science
  • Proceedings. 1998 IEEE Symposium on Security and Privacy (Cat. No.98CB36186)
Mobile code presents a number of threats to machines that execute it. We introduce an approach for protecting machines and the resources they hold from mobile code, and describe a system based on our approach for protecting host machines from Java 1.1 applets. In our approach, each Java applet downloaded to the protected domain is rerouted to a dedicated machine (or set of machines), the playground, at which it is executed. Prior to execution, the applet is transformed to use the downloading… 

Spout: a transparent distributed execution engine for Java applets

The design, implementation, and performance measurements of the first Spout prototype are described, which also incorporates run-time resource monitoring mechanisms to counter denial-of-service attacks.

DISSECT: DIStribution for SECurity Tool

DIStribution for SECurity Tool is proposed and implemented, an architecture based on the above partitioning (dissection) strategy, for Java 1.1, which relieves the developers from actually writing distributed applications by distributing the application automatically, according to designated sensitivities of application portions.

Secure Mobile Code Execution Service

SEES is a commercial system that secures the execution of mobile code arriving at a host computer as an email attachment or as a web document downloaded through an anchor link by running it on a separate guinea pig machine rather than on the user machine, taking an isolation approach to the secure mobile code execution problem.

Spout: a transparent proxy for safe execution of Java applets

The detailed design, implementation, and performance measurements of the first Spout prototype are described, which also incorporates run-time resource monitoring mechanisms to counter denial-of-service attacks.

Mobile Code Security

The article summarizes the relative merits of each technique and concludes that each of these techniques offers something different, and the best approach is probably a combination of security mechanisms.

A flexible and extensible security framework for Java code

JSEF has a hierarchical group concept that supports the definition and propagation of access policies, offers additive and subtractive permissions and policy exceptions, and supports system-wide security policies that users must adhere to but can tailor to their needs.

One-Way Isolation: An Effective Approach for Realizing Safe Execution Environments

This paper presents an approach for realizing a safe execution environment (SEE) that enables users to “try out” new software (or configuration changes to existing software) without the fear of damaging the system in any manner, and develops an efficient technique for implementing the commit operation.

A Novel Approach for Untrusted Code Execution

This paper focuses on the execution model of SVEE and the security evaluation for this model, which enables users to "try out" untrusted software without the fear of damaging the system in any manner.

Alcatraz: An Isolated Environment for Experimenting with Untrusted Software

This article develops two different implementation approaches, one in user-land and the other in the OS kernel, for realizing a safe-execution environment that enables users to “try out” new software without the fear of damaging the system in any manner.

Nested Java processes: OS structure for mobile code

Alta, a prototype Java-based system patterned on Fluke, a highly structured, hardware-based OS, is presented and its features appropriate to mobile code are reported on, including hierarchical resource management and flexible object sharing.



Java security: from HotJava to Netscape and beyond

This work examines the Java language and both the HotJava and Netscape browsers which support it, and finds a significant number of flaws which compromise their security.

Experience with secure multi-processing in Java

  • D. Balfanz, L. Gong
  • Computer Science
  • Proceedings. 18th International Conference on Distributed Computing Systems (Cat. No.98CB36183)
  • 1998
This work experimented with using the Java platform as a multiprocessing, multi user environment and proposed improvements to several aspects of the Java technology architecture, including its security features.

JRes: a resource accounting interface for Java

It is argued that, in order to realize its full potential in applications dealing with untrusted code, Java needs a flexible resource accounting interface, and the design and prototype implementation of such an interface --- JRes --- is presented.

Java Virtual Machine

This text is a comprehensive programming guide for the Java Virtual Machine, providing an overview and reference of the JVM, and it enables users to create their own implementations of the JVM or write their own compilers that create Java object code.

Extensible security architectures for Java

This work describes and analyzes three implementation strategies for interposing security policies in software-based security systems, and builds a name space management system as an add-on to Microsoft Internet Explorer.

Blocking Java applets at the firewall

This paper explores the problem of protecting a site on the Internet against hostile external Java applets while allowing trusted internal applets to run and describes a new attack on certain sophisticated firewalls that is most effectively realized as a Java applet.

Java Operating Systems : Design and Implementation

This work describes the technical issues that arise when implementing a process model in Java, lays out the design choices for managing resources, and describes the solutions that are being explored in two complementary projects, Alta and GVM.

The Java Virtual Machine Specification

This second edition specifies the newest version of the Java virtual machine and provides a fascinating view into the inner workings of the Java 2 platform.

Security of Web Browser Scripting Languages: Vulnerabilities, Attacks, and Remedies

It is shown that if such a security framework had been integrated into the respective scripting languages from the very beginning, the probability of preventing the multiple security flaws that were identified would have been greatly increased.

Going Beyond the Sandbox: An Overview of the New Security Architecture in the Java Development Kit 1.2

This paper describes the new security architecture that has been implemented as part of JDK 1.2, the forthcoming Java™ Development Kit, and introduces the concept of protection domain and a few related security primitives that help to make the underlying protection mechanism more robust.