Checking secure information flow in Java']Java bytecode by code transformation and standard bytecode verification

被引：10

作者：

Bernardeschi, C ^{[1
]}

De Francesco, N ^{[1
]}

Lettieri, G ^{[1
]}

Martini, L ^{[1
]}

机构：

[1] Univ Pisa, Dipartimento Ingn Informaz, I-56100 Pisa, Italy

来源：

SOFTWARE-PRACTICE & EXPERIENCE | 2004年 / 34卷 / 13期

关键词：

security; information flow; !text type='Java']Java[!/text] bytecode; bytecode verifier;

D O I：

10.1002/spe.611

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

A method is presented for checking secure information flow in Java bytecode, assuming a multilevel security policy that assigns security levels to the objects. The method exploits the type-level abstract interpretation of standard bytecode verification to detect illegal information flows. We define an algorithm transforming the original code into another code in such a way that a typing error detected by the Verifier on the transformed code corresponds to a possible illicit information How in the original code. We present a prototype tool that implements the method and we show an example of application. Copyright (C) 2004 John Wiley Sons, Ltd.

引用

页码：1225 / 1255

页数：31

共 50 条

[21] Java Bytecode Verification: Algorithms and Formalizations
Xavier Leroy
Journal of Automated Reasoning, 2003, 30 : 235 - 269
[22] A local approach for temporal model checking of Java']Java bytecode
Santone, A
Vaglini, G
JOURNAL OF COMPUTER AND SYSTEM SCIENCES, 2005, 70 (02) : 258 - 281
[23] Bytecode verification on Java smart cards
Leroy, Xavier
Software - Practice and Experience, 2002, 32 (04): : 319 - 340
[24] Bytecode transformation for portable thread migration in Java']Java
Sakamoto, T
Sekiguchi, T
Yonezawa, A
AGENT SYSTEMS, MOBILE AGENTS AND APPLICATIONS, 2000, 1882 : 16 - 28
[25] Java']Java bytecode optimizations
Lambright, HD
IEEE COMPCON 97, PROCEEDINGS, 1997, : 206 - 210
[26] Constraint based Testing and Verification of Java']Java Bytecode Programs
Achour, Safaa
Benattou, Mohammed
2018 IEEE 5TH INTERNATIONAL CONGRESS ON INFORMATION SCIENCE AND TECHNOLOGY (IEEE CIST'18), 2018, : 64 - 69
[27] Simple verification technique for complex Java']Java bytecode subroutines
Coglio, A
CONCURRENCY AND COMPUTATION-PRACTICE & EXPERIENCE, 2004, 16 (07): : 647 - 670
[28] A Java']Java Bytecode Formalisation
Czarnik, Patryk
Chrzaszcz, Jacek
Schubert, Aleksy
VERIFIED SOFTWARE: THEORIES, TOOLS, AND EXPERIMENTS, (VSTTE 2018), 2018, 11294 : 135 - 154
[29] Java']Java Bytecode Verification with OCL Why, How and When?
Bockisch, Christoph
Taentzer, Gabriele
Nassar, Nebras
Wydra, Lukas
JOURNAL OF OBJECT TECHNOLOGY, 2020, 19 (03): : 1 - 16
[30] Memory Requirements of Java']Java Bytecode Verification on Limited Devices
Klohs, Karsten
Kastens, Uwe
ELECTRONIC NOTES IN THEORETICAL COMPUTER SCIENCE, 2005, 132 (01) : 95 - 111

← 1 2 3 4 5 →