Using Standard Verifier to Check Secure Information Flow in Java Bytecode

Oxford, England August 26-August 29

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/CMPSAC.2002.1045113

26th Annual International Computer So ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Cinzia Bernardeschi Articles by Nicoletta De Francesco Articles by Giuseppe Lettieri

	ASCII Text	x
	Cinzia Bernardeschi, Nicoletta De Francesco, Giuseppe Lettieri, "Using Standard Verifier to Check Secure Information Flow in Java Bytecode," Computer Software and Applications Conference, Annual International, pp. 850, 26th Annual International Computer Software and Applications Conference, 2002.

	BibTex	x
	@article{ 10.1109/CMPSAC.2002.1045113, author = {Cinzia Bernardeschi and Nicoletta De Francesco and Giuseppe Lettieri}, title = {Using Standard Verifier to Check Secure Information Flow in Java Bytecode}, journal ={Computer Software and Applications Conference, Annual International}, volume = {0}, year = {2002}, issn = {0730-3157}, pages = {850}, doi = {http://doi.ieeecomputersociety.org/10.1109/CMPSAC.2002.1045113}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Software and Applications Conference, Annual International TI - Using Standard Verifier to Check Secure Information Flow in Java Bytecode SN - 0730-3157 SP EP A1 - Cinzia Bernardeschi, A1 - Nicoletta De Francesco, A1 - Giuseppe Lettieri, PY - 2002 KW - null VL - 0 JA - Computer Software and Applications Conference, Annual International ER -

Cinzia Bernardeschi, Università di Pisa

Nicoletta De Francesco, Università di Pisa

Giuseppe Lettieri, Università di Pisa

When an applet is sent over the internet, Java Virtual Machine code is transmitted and remotely executed. Because untrusted code can be executed on the local computer running the web browser, security problems may arise. Here we present a method to check illicit flows in Java bytecode, that exploits the type-level abstract interpretation of bytecode verification. We present an algorithm transforming a bytecode into another one that, when abstractly executed by the standard bytecode Verifier, reveals illicit information flows. We show an example of application of the method.

Citation:

Cinzia Bernardeschi, Nicoletta De Francesco, Giuseppe Lettieri, "Using Standard Verifier to Check Secure Information Flow in Java Bytecode," compsac, pp.850, 26th Annual International Computer Software and Applications Conference, 2002

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.