CS201J: Engineering Software, Fall 2003
|
Notes: Thursday 6 November 2003
Schedule Turning in PS5
- Tuesday, 11 November: PS5 Part 2
- Tuesday, 18 November: No class
- Tuesday, 25 November: PS6 Due
- Tuesday, 2 December: Exam 2 Out
- Friday, 5 December: Exam 2
If your program works, you do not need to turn in your PS5 code on paper. Just submit a zip file with all your code, and turn in on paper:
If your program does not work, you should also turn in a printout of all your code.
- A user description of your program (what it does)
- A description of your design including MDD (showing subtyping relationships)
- A description of your implementation and testing strategy. This can be brief, but should explain the order in which you implemented things and why, and how you divided the work among your team.
Notes How well does Java satisfy Sun's marketing claims?
A simple, object-oriented, distributed, interpreted, robust, secure, architecture neutral, portable, high-performance, multithreaded, and dynamic language.What does it mean for a programming language to be safe?
How does the Java programming language satisfy low-level code safety properties:How well does the Java VM language (byte codes) satisfy low-level code safety properties:
- Type Safety
- Memory Safety
- Control Flow Safety
What safety properties can and cannot be enforced by the Java byte code verifier?
- Type Safety
- Memory Safety
- Control Flow Safety
What kinds of properties can be enforced by reference monitors?
What are the vulnerabilities in the Java security approach?
Links If J. Random Websurfer clicks on a button that promises dancing pigs on his computer monitor, and instead gets a hortatory message describing the potential dangers of the applet --- he's going to choose dancing pigs over computer security any day. If the computer prompts him with a warning screen like: "The applet DANCING PIGS could contain malicious code that might to permanent damage to your computer, steal your life's savings, and impair your ability to have children," he'll click "OK" without even reading it. Thirty seconds later he won't even remember that the warning screen even existed.
- Some Hostile Java Applets
- Java Security Web Site (Gary McGraw and Ed Felten)
- Sun's Java Security [Applet Security FAQ] [Security Bug Chronology]
Bruce Schneier, Secrets and Lies, 2000.
University of Virginia Department of Computer Science CS 201J: Engineering Software |
Sponsored by the National Science Foundation |
cs201j-staff@cs.virginia.edu |