This paper presents the enforcement of control flow policies for Java bytecode devoted to open and constrained devices. On-device enforcement of security policies mostly relies on run-time monitoring or inline checking code, which is not appropriate for strongly constrained devices such as mobile phones and smart-cards. We present a proof-carrying code approach with on-device lightweight verification of control flow policies statically at loading- time. Our approach is suitable for evolving, open and constrained Java-based systems as it is compositional, to avoid re-verification of already verified bytecode upon loading of new bytecode, and it is regressive, to cleanly support bytecode unloading.Ce rapport présente l'application de politiqu...
The objective of the lectures is to present type-based and logic-based mechanisms to ensure reliabil...
International audienceNon-interference guarantees the absence of illicit information flow throughout...
Abstract To offload the computational burden of bytecode verification within Java Virtual Machines (...
International audienceBytecode verification is a crucial security component for Java applets, on the...
AbstractIn the Mobile Resource Guarantees project's Proof Carrying Code implementation, .class files...
International audienceWhile mobile devices have become ubiquitous and generally multi-application ca...
Language-based security provides a means to enforce end-to-end condentiality and integrity policies ...
International audienceBytecode verification is a crucial security component for Java applets, on the...
Bytecode verification forms the corner stone of the Java security model that ensures the integrity o...
Bytecode verification forms the corner stone of the Java security model that ensures the integrity o...
AbstractBytecode verification forms the corner stone of the Java security model that ensures the int...
One significant disadvantage of interpreted bytecode languages, such as Java, is their low execution...
The safety of the Java Virtual Machine is founded on bytecode verification. Although verification co...
Bytecode verification is one of the key security functions of several architectures for mobile and e...
AbstractWe propose two control flow analyses for the Java bytecode. They safely approximate the set ...
The objective of the lectures is to present type-based and logic-based mechanisms to ensure reliabil...
International audienceNon-interference guarantees the absence of illicit information flow throughout...
Abstract To offload the computational burden of bytecode verification within Java Virtual Machines (...
International audienceBytecode verification is a crucial security component for Java applets, on the...
AbstractIn the Mobile Resource Guarantees project's Proof Carrying Code implementation, .class files...
International audienceWhile mobile devices have become ubiquitous and generally multi-application ca...
Language-based security provides a means to enforce end-to-end condentiality and integrity policies ...
International audienceBytecode verification is a crucial security component for Java applets, on the...
Bytecode verification forms the corner stone of the Java security model that ensures the integrity o...
Bytecode verification forms the corner stone of the Java security model that ensures the integrity o...
AbstractBytecode verification forms the corner stone of the Java security model that ensures the int...
One significant disadvantage of interpreted bytecode languages, such as Java, is their low execution...
The safety of the Java Virtual Machine is founded on bytecode verification. Although verification co...
Bytecode verification is one of the key security functions of several architectures for mobile and e...
AbstractWe propose two control flow analyses for the Java bytecode. They safely approximate the set ...
The objective of the lectures is to present type-based and logic-based mechanisms to ensure reliabil...
International audienceNon-interference guarantees the absence of illicit information flow throughout...
Abstract To offload the computational burden of bytecode verification within Java Virtual Machines (...