Secure execution of Java applets using a remote playground

IEEE Transactions on Software Engineering

Volumn 26, Issue 12, 2000, Pages 1197-1209

  Malkhi, Dahlia ^a  

^a HEBREW UNIVERSITY OF JERUSALEM   (Israel)

Author keywords

[No Author keywords available]

Indexed keywords

CODES (SYMBOLS); DATA COMMUNICATION SYSTEMS; GRAPHICAL USER INTERFACES; INTERCONNECTION NETWORKS; JAVA PROGRAMMING LANGUAGE; MOBILE COMPUTING; ONLINE SYSTEMS; SECURITY OF DATA; WEB BROWSERS;

MOBILE CODE; REMOTE METHOD INVOCATION; SOFTWARE PACKAGE JAVA APPLETS;

SOFTWARE ENGINEERING;

EID: 0034479192     PISSN: 00985589     EISSN: None     Source Type: Journal    
DOI: 10.1109/32.888632     Document Type: Article

References (32)

1. H.M. Abdel-Wahab and M.A. Feit, XTV: A Framework for Sharing X Window Clients in Remote Synchronous Collabora-tion, Proc. IEEE TriComm 91: Comm.for Distributed Applications & Systems, pp. 159-167, Apr. 1991.
2. V. Anupam and A. Mayer, Security of Web Browser Scripting Languages: Vulnerabilities, Attacks, and Remedies, Proc. Seventh USENIX Security Symp., pp. 187-199, Jan. 1998.
3. G. Back, P. Tullmann, L. Stoller, W.C. Hsieh, and J. Lepreau, Java Operating Systems: Design and Implementation, Technical Report UUCS-98-015, Univ. of Utah, Aug. 1998.
4. D. Balfanz and E.W. Feiten, A Java Filter, Technical Report 567-97, Dept. of Computer Science, Princeton Univ., Oct. 1997.
5. D. Balfanz and L. Gong, Experience with Secure Multiprocessing in Java, Proc. 18th Int'l Conf. Distributed Computing Systems, May 1998.
6. W.R. Cheswick and S.M. Bellovin, Firewalls and Internet Security, Repelling the Wily Hacker. Addison-Wesley, 1994.
7. D.B. Chapman and F.D. Zwicky, Building Internet Firewalls. O'Reilly & Associates, Sept. 1995.
8. G. Czajkowski and T. von Eicken, JRes: A Resource Accounting Interface for Java, Proc. ACM OOPSLA Conf., Oct. 1998.
9. D. Dean, E.W. Feiten, and D.S. Wallach, Java Security: From Hotjava to Netscape and Beyond, Proc. IEEE Symp. Security and Privacy, pp. 190-200, May 1996.
10. E.W. Feiten, D. Balfanz, D. Dean, and D.S. Wallach, Web Spoofing: An Internet Con Game, Proc. 20th Nat'1 Information Systems Security Conf., Oct. 1997.
11. D. Flanagan, Java in a Nutshell, second ed. O'Reilly & Associates, 1997.
12. L. Gong, Java Security: Present and Near Future, IEEE Micro, vol. 17, no. 3, pp. 14-19, May/June 1997.
13. L. Gong, M. Mueller, H. Prafullchandra, and R. Schemers, Going Beyond the Sandbox: An Overview of the New Security Architecture in the Java® Development Kit 1.2, Proc. USENIX Symp. Internet Technologies and Systems, Dec. 1997.
14. J. Hartman, L. Peterson, A. Bavier, P. Bigot, P. Bridges, B. Montz, R. Piltz, T. Proebsting, and O. Spatscheck, Joust: A Platform for Communications-Oriented Liquid Software, Technical Report TR97-16, Dept. of Computer Science, Univ. of Arizona, Nov. 1997.
15. C. Hawblitzel, C. Chang, G. Czajkowski, D. Hu, and T. von Eicken, Implementing Multiple Protection Domains in Java, Proc. Usenix Ann. Technical Conf., June 1998.
16. A. Herbert, Secure Mobile Code Management: Enabling Java for the Enterprise, May 1997, http://www.digitivity.com.
17. J.H. Howard, M.J. Kazar, S.G. Menées, D.A. Nichols, M. Satyanaraynan, R.N. Sidebotham, and M.J. West, Scale and Performance in a Distributed File System, ACM Trans. Computer Systems, vol. 6, no. 1, pp. 51-81, 1988.
18. M. Ladue, Pushing the Limits of Java Security, Tricks of the Java Programming Gurus, G. Vanderburg, ed., Sams.net Publishing, 1996.
19. T. Lindholm and F. Yellin, The Java Virtual Machine Specification. Addison-Wesley, 1997.
20. G. McGraw and E.W. Feiten, Java Security: Hostile Applets, Holes, and Antidotes. John Wiley & Sons, 1997.
21. D. Malkhi, M. Reiter, and A. Rubin, Secure Execution of Java Applets Using a Remote Playground, Proc. IEEE Symp. Security and Privacy, pp. 40-51, May 1998.
22. M.S. Manasse and G. Nelson, Trestle Reference Manual, Research Report 68, Digital Corp. SRC, 1991.
23. D. Martin, S. Rajagopalan, and A.D. Rubin, Blocking Java Applets at the Firewall, Proc. Internet Soc. Symp. Network and Distributed System Security, pp. 16-26, Feb. 1997.
24. D. Mosberger and L.L. Peterson, Making Paths Explicit in the Scout Operating System, Proc. Second Operating Systems Design and Implementation Con/, OSDI, pp. 153-167, Oct. 1996.
25. G.G. Necula, Proof Carrying Code, Proc. 24th Ann. ACM SIGPLAN-SIGACT Symp. Principles of Programming Languages, Jan. 1997.
26. G.C. Necula and P. Lee, Safe Kernel Extensions without RunTime Checking, Proc. Second Symp. Operating Systems Design and Implementation, pp. 229-243, Oct. 1996.
27. Sun Microsystems, Inc., Java Object Serialization Specification, Revision 1.2, Dec. 1996.
28. Sun Microsystems, Inc., Java Remote Method Invocation Specification. 1997.
29. T. Richardson, Teleporting-Mobile X Sessions, Proc. Ninth Ann. X Technical CoJ., Jan. 1995.
30. Z. Rosberg, B. Berg, and J. Wille, IBM Explains How to Use the Remote Abstract Windowing Toolkit (RAWT), AS/400 Network Expert Newsletter, pp. 26-30, Jan./Feb. 1999.
31. D.S. Wallach, D. Balfanz, D. Dean, and E.W. Feiten, Extensible Security Architectures for Java, Proc. 16th ACM Symp. Operating Systems Principles, Oct. 1997.
32. K.R. Wood, T. Richardson, F. Bennet, A Harter, and A. Hopper, Global Teleporting with Java: Towards Ubiquitous Personalised Computing, Technical Report 96.2, Olivetti Research Ltd., Cambridge, England.