
Java Applet Security

Java Applet Security. Diana Dong, CS 265, Spring 2004. The Problem: Millions of users download Java applets every day, sometimes without the user's prior approval. How to ensure malicious applets will not wreak havoc on the local machine? Sandbox Idea.


Presentation Transcript


  1. Java Applet Security Diana Dong CS 265 Spring 2004

  2. The Problem • Millions of users download Java applets every day, sometimes without the user's prior approval • How to ensure malicious applets will not wreak havoc on the local machine?

  3. Sandbox Idea • A place where Java applet code can be executed, but no areas outside of the sandbox can be accessed by the applet. • Removes the responsibility of checking applet source from the user • Ensures execution of malicious applet will not do damage to the local machine

  4. Sandbox cont'd • Sandbox prohibits: • File system access • Network access • Creation of processes • Process access

  5. 4 Major Components of the Sandbox • Java Virtual Machine (JVM) built-in features • Class loader • Class file verifier • Security manager

  6. JVM Built-in Features • Type-safe reference casting • Structured memory access (no pointers) • Automatic garbage collection (can't explicitly free allocated memory) • Array bounds checking

  7. Class Loader • Responsible for importing binary data that defines the running program's classes and interfaces • Two types of class loaders: primordial class loader and class loader objects

  8. Class Loader cont'd • Primordial class loader loads trusted classes, such as the Java API. Classes that are loaded this way become part of the JVM. • Class loader objects are untrusted objects loaded into the JVM and instantiated like any other object

  9. Class Loader cont'd

  10. Class Loader cont'd • How does it protect? • Prevents malicious code from interfering with benevolent code via namespaces. Each class loader loads classes into its own namespace, and those classes have no access to classes outside of that namespace. • It guards the borders of the trusted class libraries. Customizable.

  11. Class Verifier • Checks the integrity of the class file to ensure no illegal bytecodes have been added • Uses a built-in theorem prover to check integrity

  12. Class Verifier • 4 passes • Class file is read into interpreter and basic format of class file is checked • Additional verification of the class file without looking at the bytecodes • Bytecode verification of each method • Additional bytecode verification at runtime

  13. Security Manager • Defines which requests are allowed or disallowed through methods which can be overridden • Works hand-in-hand with the class loader to define the boundaries of the sandbox, i.e. what is allowed or disallowed.

  14. Other Methods • ActiveX uses code signing and digital signatures. Verified signatures from a trusted source imply a reliable ActiveX control. • Java too offers digital signatures in addition to the sandbox.

  15. Questions?
