Adaptiveness in Well-Typed java bytecode verification

Huang, FY; Jay, B; Skillicorn, D

Adaptiveness in Well-Typed java bytecode verification

Huang, FY Jay, B

Skillicorn, D

Permalink

Publisher:: ACM Press
Publication Type:: Conference Proceeding
Citation:: Proceedings of the CASCON 2006, 2006, pp. 1 - 15
Issue Date:: 2006-01

Closed Access

	Filename	Description	Size
	2006005067.pdf		1.27 MB	Adobe PDF	View/Open

Copyright Clearance Process

Recently Added
In Progress
Closed Access

This item is closed access and not available.

Full metadata record

Field	Value	Language
dc.contributor.author	Huang, FY	en_US
dc.contributor.author	Jay, B https://orcid.org/0000-0001-8654-4305	en_US
dc.contributor.author	Skillicorn, D	en_US
dc.contributor.editor	Erdogmus, H	en_US
dc.contributor.editor	Stroulia, E	en_US
dc.contributor.editor	Stewart, D	en_US
dc.date	2006-10-16	en_US
dc.date.issued	2006-01	en_US
dc.identifier.citation	Proceedings of the CASCON 2006, 2006, pp. 1 - 15	en_US
dc.identifier.issn	1705-7345	en_US
dc.identifier.uri	http://hdl.handle.net/10453/7003
dc.description.abstract	Research on security techniques for Java bytecode has paid little attention to the security of the implementations of the techniques themselves, assuming that ordinary tools for programming, verification and testing are sufficient for security. However, different categories of security policies and mechanisms usually require different implementations. Each implementation requires extensive effort to test it and/or verify it.We show that programming with well-typed pattern structures in a statically well-typed language makes it possible to implement static byte-code verification in a fully type-safe and highly adaptive way, with security policies being fed in as first-order parameters, reduces the effort required to verify security of an implementation itself and the programming need for new policies. Also bytecode instrumentation can be handled in exactly the same way. The approach aims at reducing the workload of building and understanding distributed systems, especially those of mobile code.	en_US
dc.publisher	ACM Press	en_US
dc.relation.ispartof	Proceedings of the CASCON 2006	en_US
dc.relation.ispartof	Conference of the Center for Advanced Studies on Collaborative Research	en_US
dc.relation.isbasedon	10.1145/1190000/1188992/a19-huang.pdf?key1=1188992&key2=2303407711&coll=&dl=GUIDE&CFID=15151515&CFTOKEN=6184618	en_US
dc.rights	© ACM 2006. This is the author's version of the work. It is posted here by permission of ACM for your personal use. Not for redistribution. The definitive version was published in Proceedings of the CASCON 2006, 2006, pp. 1 - 15 http://doi.acm.org/10.1145/1190000/1188992/a19-huang.pdf?key1=1188992&key2=2303407711&coll=&dl=GUIDE&CFID=15151515&CFTOKEN=6184618	en_US
dc.title	Adaptiveness in Well-Typed java bytecode verification	en_US
dc.type	Conference Proceeding
utslib.location	Toronto, Canada	en_US
utslib.location.activity	Toronto, Canada	en_US
utslib.for	080203 Computational Logic and Formal Languages	en_US
dc.location.activity	Toronto, Canada	en_US
pubs.embargo.period	Not known	en_US
pubs.organisational-group	/University of Technology Sydney
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology
pubs.organisational-group	/University of Technology Sydney/Faculty of Engineering and Information Technology/School of Computer Science
pubs.organisational-group	/University of Technology Sydney/Strength - CAI - Centre for Artificial Intelligence
utslib.copyright.status	closed_access
pubs.consider-herdc	true	en_US
pubs.place-of-publication	Toronto, Canada	en_US
pubs.start-date	2006-10-16	en_US

Abstract:

Research on security techniques for Java bytecode has paid little attention to the security of the implementations of the techniques themselves, assuming that ordinary tools for programming, verification and testing are sufficient for security. However, different categories of security policies and mechanisms usually require different implementations. Each implementation requires extensive effort to test it and/or verify it.We show that programming with well-typed pattern structures in a statically well-typed language makes it possible to implement static byte-code verification in a fully type-safe and highly adaptive way, with security policies being fed in as first-order parameters, reduces the effort required to verify security of an implementation itself and the programming need for new policies. Also bytecode instrumentation can be handled in exactly the same way. The approach aims at reducing the workload of building and understanding distributed systems, especially those of mobile code.

Please use this identifier to cite or link to this item:

http://hdl.handle.net/10453/7003