CS205 Notes 27
(25 October 2006)
Java Security
What does it mean for a programming language to be safe?
How does the Java programming language satisfy low-level code safety properties:
- Type Safety
- Memory Safety
- Control Flow Safety
What safety properties can and cannot be enforced by the Java byte code verifier?
What kinds of properties can be enforced by reference monitors?
What are the vulnerabilities in the Java security approach?
If J. Random Websurfer clicks on a button that
promises dancing pigs on his computer monitor, and instead gets a
hortatory message describing the potential dangers of the applet ---
he's going to choose dancing pigs over computer security any day. If
the computer prompts him with a warning screen like: "The applet
DANCING PIGS could contain malicious code that might do permanent
damage to your computer, steal your life's savings, and impair your
ability to have children," he'll click "OK" without even reading it.
Thirty seconds later he won't even remember that the warning screen
even existed.
Bruce Schneier, Secrets and Lies, 2000.