research-article

Secure Java Class Loading

Author:

Li GongAuthors Info & Claims

IEEE Internet Computing, Volume 2, Issue 6

Pages 56 - 61

https://doi.org/10.1109/4236.735987

Published: 01 November 1998 Publication History

Publisher Site

Abstract

The class loading mechanism, central to Java, plays a key role in JDK 1.2 by enabling an improved security policy that is permission-based and extensible. The author concludes that JDK 1.2 has introduced a powerful and secure class loading mechanism. It not only enforces type safety and name space separation but also has a significant role in the new security architecture that supports fine grained, permission based access control. The new class loading mechanism's flexibility-through its delegation scheme and the rich set of class loader classes-gives Java applications and applets greater freedom to customize and specify how, when, and from where classes are loaded. Because the class loading mechanism is central to both the correctness and the security of the Java runtime system, we would like to model and define this mechanism, perhaps in a formal verification system. We can then obtain a formal specification and prove (or disprove) that the mechanism as currently designed is sufficient for security

References

[1]

J. Gosling B. Joy and G. Steele, The Java Language Specification, Addison-Wesley, Menlo Park, Calif., 1996.

Digital Library

Google Scholar

[2]

T. Lindholm and F. Yellin, The Java Virtual Machine Specification, Addison-Wesley, Menlo Park, Calif., 1997.

Digital Library

Google Scholar

[3]

L. Gong, "Java Security: Present and Near Future," IEEE Micro, Vol. 17, No. 3, May/June 1997, pp. 14-19.

Digital Library

Google Scholar

[4]

L. Gong, et al., "Going Beyond the Sandbox: An Overview of the New Security Architecture in the Java Development Kit 1.2," Proc. Usenix Symp. Internet Technologies and Systems, 1997, Usenix Assoc., Berkeley, Calif., pp. 103-112.

Crossref

Google Scholar

[5]

S. Liang and G. Bracha, "Dynamic Class Loading in the Java Virtual Machine," Proc. ACM Conf. Object Oriented Programming Systems, Languages, and Applications, ACM Press, New York, 1998.

Crossref

Google Scholar

Cited By

View all

Horváth GPataki NBalassi M(2017)Code Generation in Serializers and Comparators of Apache FlinkProceedings of the 12th Workshop on Implementation, Compilation, Optimization of Object-Oriented Languages, Programs and Systems10.1145/3098572.3098579(1-6)Online publication date: 19-Jun-2017
https://dl.acm.org/doi/10.1145/3098572.3098579
Winandy MCremers ALangweg HSpalka A(2003)Protecting Java component integrity against Trojan Horse programsIntegrity and internal control in information systems V10.5555/941406.941413(99-113)Online publication date: 1-Jan-2003
https://dl.acm.org/doi/10.5555/941406.941413
Lee DJung S(2003)Computer vision-assisted interaction in X3D virtual environment on WWWProceedings of the 2nd international conference on Human.society@internet10.5555/1758796.1758842(332-341)Online publication date: 18-Jun-2003
https://dl.acm.org/doi/10.5555/1758796.1758842
Show More Cited By

Secure Java Class Loading
1. Security and privacy
  1. Systems security
2. Software and its engineering
  1. Software notations and tools
    1. General programming languages

Recommendations

A formal specification of Java class loading
OOPSLA '00: Proceedings of the 15th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications

The Java Virtual Machine (JVM) has a novel and powerful mechanism to support lazy, dynamic class loading according to user-definable policies. Class loading directly impacts type safety, on which the security of Java applications is based. Conceptual ...
Class Loader Firmware on Java SoC
ISCSCT '08: Proceedings of the 2008 International Symposium on Computer Science and Computational Technology - Volume 01

Java is one of the most popular programming architectures because of its platform-independence. A Java processor called “JOP” accelerates the speed of Java applications by executing Java bytecode instructions directly instead of by software emulation. ...
A formal specification of Java class loading

The Java Virtual Machine (JVM) has a novel and powerful mechanism to support lazy, dynamic class loading according to user-definable policies. Class loading directly impacts type safety, on which the security of Java applications is based. Conceptual ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

IEEE Internet Computing Volume 2, Issue 6

November 1998

95 pages

ISSN:1089-7801

Issue’s Table of Contents

Publisher

IEEE Educational Activities Department

United States

Publication History

Published: 01 November 1998

Qualifiers

Research-article

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

9
Total Citations
View Citations
0
Total Downloads

Downloads (Last 12 months)0
Downloads (Last 6 weeks)0

Reflects downloads up to 12 Feb 2025

Other Metrics

View Author Metrics

Citations

Cited By

View all

Horváth GPataki NBalassi M(2017)Code Generation in Serializers and Comparators of Apache FlinkProceedings of the 12th Workshop on Implementation, Compilation, Optimization of Object-Oriented Languages, Programs and Systems10.1145/3098572.3098579(1-6)Online publication date: 19-Jun-2017
https://dl.acm.org/doi/10.1145/3098572.3098579
Winandy MCremers ALangweg HSpalka A(2003)Protecting Java component integrity against Trojan Horse programsIntegrity and internal control in information systems V10.5555/941406.941413(99-113)Online publication date: 1-Jan-2003
https://dl.acm.org/doi/10.5555/941406.941413
Lee DJung S(2003)Computer vision-assisted interaction in X3D virtual environment on WWWProceedings of the 2nd international conference on Human.society@internet10.5555/1758796.1758842(332-341)Online publication date: 18-Jun-2003
https://dl.acm.org/doi/10.5555/1758796.1758842
Paal SKammüller RFreisleben B(2002)Customizable Deployment, Composition, and Hosting of Distributed Java ApplicationsOn the Move to Meaningful Internet Systems, 2002 - DOA/CoopIS/ODBASE 2002 Confederated International Conferences DOA, CoopIS and ODBASE 200210.5555/646748.759570(845-865)Online publication date: 30-Oct-2002
https://dl.acm.org/doi/10.5555/646748.759570
Gschwind T(2002)Type based adaptationProceedings of the 3rd international conference on Software engineering and middleware10.5555/1756361.1756373(130-143)Online publication date: 20-May-2002
https://dl.acm.org/doi/10.5555/1756361.1756373
Caromel DVayssière J(2001)Reflections on MOPs, Components, and Java SecurityProceedings of the 15th European Conference on Object-Oriented Programming10.5555/646158.679875(256-274)Online publication date: 18-Jun-2001
https://dl.acm.org/doi/10.5555/646158.679875
Hartel PMoreau L(2001)Formalizing the safety of Java, the Java virtual machine, and Java cardACM Computing Surveys10.1145/503112.50311533:4(517-558)Online publication date: 1-Dec-2001
https://dl.acm.org/doi/10.1145/503112.503115
Hauswirth MKerer CKurmanowytsch RGritzalis DJajodia S(2000)A secure execution framework for JavaProceedings of the 7th ACM conference on Computer and Communications Security10.1145/352600.352608(43-52)Online publication date: 1-Nov-2000
https://dl.acm.org/doi/10.1145/352600.352608
Romão ADa Silva MSilva A(2000)Secure Electronic Payments Based on Mobile AgentsDistributed and Parallel Databases10.1023/A:10087337222798:4(447-470)Online publication date: 1-Oct-2000
https://dl.acm.org/doi/10.1023/A%3A1008733722279

Abstract

References

Cited By

Recommendations

A formal specification of Java class loading

Class Loader Firmware on Java SoC

A formal specification of Java class loading

Comments

Information

Published In

Publisher

Publication History

Qualifiers

Contributors

Other Metrics

Bibliometrics

Article Metrics

Other Metrics

Citations

Cited By

View options

Share

Share this Publication link

Share on social media

Affiliations