Implementing Protection Domains in the Java Development Kit 1.2
Saved in:
| Title: | Implementing Protection Domains in the Java Development Kit 1.2 |
|---|---|
| Authors: | Li Gong, Roland Schemers, Sun Microsystems |
| Contributors: | The Pennsylvania State University CiteSeerX Archives |
| Source: | http://www.cs.purdue.edu/homes/jv/smc/pubs/Gong-NDSS98.ps. |
| Publication Year: | 1988 |
| Collection: | CiteSeerX |
| Description: | The forthcoming Java TM Development Kit (JDK1.2) provides fine-grained access control via an easily configurable security policy. In this paper, we describe the design and implementation in JDK1.2 of the concept of protection domain, which is a cornerstone of the new security architecture. We present design rationales, implementation details, and performance data, which demonstrate the utility and efficiency of the new security architecture. 1 Introduction The original Java security model [5, 7], known as the sandbox model, provides a very restricted environment in which to run untrusted code (called applet) obtained from the open network. Overall security is enforced through a number of mechanisms, including language type-safety, bytecode verification, runtime type checking, name space separation via class loading, and access control via a security manager. The essence of the sandbox model is that local application is trusted to have full access to system resources while applet is . |
| Document Type: | text |
| File Description: | application/postscript |
| Language: | English |
| Relation: | http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.40.7266 |
| Availability: | http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.40.7266 http://www.cs.purdue.edu/homes/jv/smc/pubs/Gong-NDSS98.ps |
| Rights: | Metadata may be used without restrictions as long as the oai identifier remains attached to it. |
| Accession Number: | edsbas.FBAA1987 |
| Database: | BASE |
Nájsť tento článok vo Web of Science | Abstract: | The forthcoming Java TM Development Kit (JDK1.2) provides fine-grained access control via an easily configurable security policy. In this paper, we describe the design and implementation in JDK1.2 of the concept of protection domain, which is a cornerstone of the new security architecture. We present design rationales, implementation details, and performance data, which demonstrate the utility and efficiency of the new security architecture. 1 Introduction The original Java security model [5, 7], known as the sandbox model, provides a very restricted environment in which to run untrusted code (called applet) obtained from the open network. Overall security is enforced through a number of mechanisms, including language type-safety, bytecode verification, runtime type checking, name space separation via class loading, and access control via a security manager. The essence of the sandbox model is that local application is trusted to have full access to system resources while applet is . |
|---|