{"title":"Extensible security architectures for Java","authors":"D. Wallach, D. Balfanz, Drew Dean, E. Felten","doi":"10.1145/268998.266668","DOIUrl":null,"url":null,"abstract":"Mobile code technologies such as Java, JavaScript, and ActiveX generally limit all programs to a single restrictive security policy. However, software-based protection can allow for more extensible security models, with potentially significant performance improvements over traditional hardware-based solutions. An extensible security system should be able to protect subsystems and implement policies that are created after the initial system is shipped. We describe and analyze three implementation strategies for interposing such security policies in software-based security systems. Implementations exist for all three strategies: several vendors have adapted capabilities to Java, Netscape and Microsoft have extensions to Java's stack introspection, and we built a name space management system as an add-on to Microsoft Internet Explorer. Theoretically, all these systems are equivalently secure, but many practical issues and implementation details favor some aspects of each system.","PeriodicalId":340271,"journal":{"name":"Proceedings of the sixteenth ACM symposium on Operating systems principles","volume":"31 5","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1997-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"283","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings of the sixteenth ACM symposium on Operating systems principles","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/268998.266668","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 283
Abstract
Mobile code technologies such as Java, JavaScript, and ActiveX generally limit all programs to a single restrictive security policy. However, software-based protection can allow for more extensible security models, with potentially significant performance improvements over traditional hardware-based solutions. An extensible security system should be able to protect subsystems and implement policies that are created after the initial system is shipped. We describe and analyze three implementation strategies for interposing such security policies in software-based security systems. Implementations exist for all three strategies: several vendors have adapted capabilities to Java, Netscape and Microsoft have extensions to Java's stack introspection, and we built a name space management system as an add-on to Microsoft Internet Explorer. Theoretically, all these systems are equivalently secure, but many practical issues and implementation details favor some aspects of each system.
诸如Java、JavaScript和ActiveX之类的移动代码技术通常将所有程序限制在单一的限制性安全策略中。然而,基于软件的保护可以支持更多可扩展的安全模型,与传统的基于硬件的解决方案相比,具有潜在的显著性能改进。可扩展的安全系统应该能够保护子系统,并实现在初始系统交付后创建的策略。我们描述并分析了在基于软件的安全系统中插入此类安全策略的三种实现策略。这三种策略的实现都存在:一些供应商已经适应了Java的功能,Netscape和Microsoft对Java的堆栈自省进行了扩展,我们构建了一个名称空间管理系统,作为Microsoft Internet Explorer的附加组件。从理论上讲,所有这些系统都同样安全,但许多实际问题和实现细节有利于每个系统的某些方面。
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
