Prashant lamba
1 / 22

Prashant Lamba - PowerPoint PPT Presentation

  • Uploaded on

CMSC 838 Y Class Paper Presentation. Prashant Lamba. Mechanisms for Secure Modular Programming in JAVA. Lujo Bauer Andrew W Appel Edward W Felten. Theme of the Paper. To provide a new module system for java which improves deficiencies of the java package system.

I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
Download Presentation

PowerPoint Slideshow about 'Prashant Lamba' - jerrick

An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.

- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
Prashant lamba l.jpg

CMSC 838 YClass Paper Presentation

Prashant Lamba

Mechanisms for secure modular programming in java l.jpg

Mechanisms for Secure Modular Programming in JAVA

Lujo Bauer

Andrew W Appel

Edward W Felten

Theme of the paper l.jpg
Theme of the Paper

  • To provide a new module system for java which improves deficiencies of the java package system.

  • To emphasize the need of modular systems rather than Object oriented software system.

Deficiencies in java package system l.jpg
Deficiencies in JAVA Package System

  • Limited ability for the control access to their member class.

  • No explicit interfaces

  • Don’t support multiple view of modules

  • Problems with dynamic linking

Solution to the problem l.jpg
Solution to the problem

  • ML-style hierarchical module system

    • provides Explicit interface

    • Multiple views of Module

  • More control over external modules with which the code is linked

Slide6 l.jpg

Module System

Source FilesModule description file

Export Membership Import

Interface List Statement

Slide7 l.jpg

Abstract class Codgen{

Frame frame;

Abstract Assem.InstrList Codgen(Tree.Stm stm)


Export Interface

Membership List

Import Interface
















Fixing java packages l.jpg
Fixing Java Packages

  • Export Interfaces

    • Explicit export interfaces

      • Java package system lacks this feature

  • Membership List

    • Deficiency of java package makes malicious code to be part of trusted application like application.

Fixing java packages10 l.jpg
Fixing Java Packages

Attack Scenario in Java Package System:



Malicious Code class.Java

Malicious Code class.Java

Slide11 l.jpg

Fixing Java Packages

  • Hierarchical Scalability and Multiple Interface

    • Multiple view of an module is possible.

    • Example

    • Module M can have V1 and V2 view with class access A,B,C and A,D respectively

Slide12 l.jpg

Module MO

Exporting A,B,C,and D

Multiple View of Module M0

Module M1

Importing M0.A,M0.B,M0.C

Module M2

Importing M0.A,M0.D

Fixing java packages13 l.jpg
Fixing Java Packages

Name-Space management

  • Java packages are named it merely lifts the problem to package level.


    We can have clash between the two classes called Util.Parser

Slide14 l.jpg


Module system assigns the names via

import statements.

Secure linking l.jpg
Secure Linking

  • Java uses Type checking mechanism for the secure dynamic linking

    • Problem:

      Type checking guarantees that programs and libraries at least agree on the types they are using.

  • Java uses code signature when a system must trust the behavior of a particular executable.

    • Problem:

      In this scheme also we don’t know about the

      properties of the code

Slide16 l.jpg


  • We allow the programmer to require certain properties of the modules on which his code depends.

  • The properties our system supports are keywords about the behavior of his code.

  • It will cryptographically hash the < byte code, module description, property name>

Implementation l.jpg

Class Loader

Module Description File

Trf 3

Trf 2


Trf 1



Java Source

Byte Code

Trf = Transform


Execution in virtual machine l.jpg
Execution in Virtual Machine

  • Dynamic linking in JVM is managed by Class Loader.

  • A request to load a class is may be allowed by the digital signature of the class.

  • The Class loader of the system described uses module description file to set appropriate environment.

Slide20 l.jpg

Slide21 l.jpg

Problem: Type system can be broken

In our Module system identifiers for class names has

very little resemblance with the actual package names

they refer.


Rewriting the byte code replacing the symbolic

name with actual name.

Future work l.jpg
Future Work Type system can be broken

  • Support for the Refection API

  • Dynamic linking is an area that deserves more study.