Checking secure information flow in Java']Java bytecode by code transformation and standard bytecode verification

被引：10

作者：

Bernardeschi, C ^{[1
]}

De Francesco, N ^{[1
]}

Lettieri, G ^{[1
]}

Martini, L ^{[1
]}

机构：

[1] Univ Pisa, Dipartimento Ingn Informaz, I-56100 Pisa, Italy

来源：

SOFTWARE-PRACTICE & EXPERIENCE | 2004年 / 34卷 / 13期

关键词：

security; information flow; !text type='Java']Java[!/text] bytecode; bytecode verifier;

D O I：

10.1002/spe.611

中图分类号：

TP31 [计算机软件];

学科分类号：

081202 ; 0835 ;

摘要：

A method is presented for checking secure information flow in Java bytecode, assuming a multilevel security policy that assigns security levels to the objects. The method exploits the type-level abstract interpretation of standard bytecode verification to detect illegal information flows. We define an algorithm transforming the original code into another code in such a way that a typing error detected by the Verifier on the transformed code corresponds to a possible illicit information How in the original code. We present a prototype tool that implements the method and we show an example of application. Copyright (C) 2004 John Wiley Sons, Ltd.

引用

页码：1225 / 1255

页数：31

共 50 条

[41] On object initialization in the Java']Java bytecode
Doyon, S
Debbabi, M
COMPUTER COMMUNICATIONS, 2000, 23 (17) : 1594 - 1605
[42] Using contour marking bytecode verification algorithm on the java']java card
Jiang, Longlong
Li, Daiping
MECHATRONICS ENGINEERING, COMPUTING AND INFORMATION TECHNOLOGY, 2014, 556-562 : 4120 - +
[43] Dynamic semantics of Java']Java bytecode
Bertelsen, P
FUTURE GENERATION COMPUTER SYSTEMS, 2000, 16 (07) : 841 - 850
[44] Modeling the Java']Java Bytecode Verifier
Reynolds, Mark C.
SCIENCE OF COMPUTER PROGRAMMING, 2013, 78 (03) : 327 - 342
[45] Termination analysis of Java']Java Bytecode
Albert, Elvira
Arenas, Puri
Codish, Michael
Genaim, Samir
Puebla, German
Zanardini, Damiano
FORMAL METHODS FOR OPEN OBJECT-BASED DISTRIBUTED SYSTEMS, PROCEEDINGS, 2008, 5051 : 2 - +
[46] Finding Source Code Clones in Intermediate Representations of Java']Java Bytecode
Schaefer, Andre
Heinze, Thomas S.
Amme, Wolfram
2023 IEEE 17TH INTERNATIONAL WORKSHOP ON SOFTWARE CLONES, IWSC 2023, 2023, : 37 - 43
[47] Deadlock Detection of Java']Java Bytecode
Laneve, Cosimo
Garcia, Abel
LOGIC-BASED PROGRAM SYNTHESIS AND TRANSFORMATION (LOPSTR 2017), 2018, 10855 : 37 - 53
[48] Reverse execution of Java']Java bytecode
Cook, JJ
COMPUTER JOURNAL, 2002, 45 (06): : 608 - 619
[49] Detecting Java']Java Code Clones Based on Bytecode Sequence Alignment
Yu, Dongjin
Yang, Jiazha
Chen, Xin
Chen, Jie
IEEE ACCESS, 2019, 7 : 22421 - 22433
[50] Cost analysis of Java']Java bytecode
Albert, E.
Arenas, P.
Genaim, S.
Puebla, G.
Zanardini, D.
PROGRAMMING LANGUAGES AND SYSTEMS, PROCEEDINGS, 2007, 4421 : 157 - +

← 1 2 3 4 5 →