We present a method to certify a subset of the Java bytecode, with respect to security. The method is based on abstract interpretation of the operational semantics of the language. We define a concrete small-step enhanced semantics of the language, able to keep information on the flow of data and control during execution. A main point of this semantics is the handling of the influence of the information flow on the operand stack. We then define an abstract semantics, keeping only the security information and forgetting the actual values. This semantics can be used as a static analysis tool to check security of programs. The use of abstract interpretation allows, on one side, being semantics based, to accept as secure a wide class of program...
AbstractExisting Java verifiers perform an iterative data-flow analysis to discover the unambiguous ...
Security of mobile code is a major issue in today's global computing environment. When you download...
Abstract. The Java programming language has been widely described as secure by design. Nevertheless,...
We present an approach enabling end-users to prove security properties of the Java bytecode by stati...
Security of Java programs is important as they can be executed in different platforms. This paper ad...
When an applet is sent over the internet, Java Virtual Machine code is transmitted and remotely exec...
We present a method based on abstract interpretation to check secure information flow in programs wi...
This paper presents an approach to addressing the known weaknesses and security issues of JVM stack ...
This thesis is concerned with static code analysis. More particularly, with code analysis techniques...
Bytecode verification is a key point in the security chain of the Java platform. This feature is onl...
Language-based security provides a means to enforce end-to-end condentiality and integrity policies ...
The Java Virtual Machine embodies a verifier that performs a set of checks on Java bytecode programs...
Bytecode verification is a crucial security component for Java applets, on the Web and on embedded d...
The Java programming language has been widely described as secure by design. Nevertheless, a number ...
Although there are many approaches for developing secure programs, they are not necessarily helpful ...
AbstractExisting Java verifiers perform an iterative data-flow analysis to discover the unambiguous ...
Security of mobile code is a major issue in today's global computing environment. When you download...
Abstract. The Java programming language has been widely described as secure by design. Nevertheless,...
We present an approach enabling end-users to prove security properties of the Java bytecode by stati...
Security of Java programs is important as they can be executed in different platforms. This paper ad...
When an applet is sent over the internet, Java Virtual Machine code is transmitted and remotely exec...
We present a method based on abstract interpretation to check secure information flow in programs wi...
This paper presents an approach to addressing the known weaknesses and security issues of JVM stack ...
This thesis is concerned with static code analysis. More particularly, with code analysis techniques...
Bytecode verification is a key point in the security chain of the Java platform. This feature is onl...
Language-based security provides a means to enforce end-to-end condentiality and integrity policies ...
The Java Virtual Machine embodies a verifier that performs a set of checks on Java bytecode programs...
Bytecode verification is a crucial security component for Java applets, on the Web and on embedded d...
The Java programming language has been widely described as secure by design. Nevertheless, a number ...
Although there are many approaches for developing secure programs, they are not necessarily helpful ...
AbstractExisting Java verifiers perform an iterative data-flow analysis to discover the unambiguous ...
Security of mobile code is a major issue in today's global computing environment. When you download...
Abstract. The Java programming language has been widely described as secure by design. Nevertheless,...