Hostile Java Applets

David Evans, University of Virginia

Introduction

Java Security Overview

Low-Level Code Safety

High-Level Code Safety

Low-Level Code Safety Mechanisms

Bytecode Verification

Run-Time Checks

High-Level Code Safety Mechanisms

Permissions

Policies

Enforcing Policies

Malicious Behavior

Exploiting Weak Policies

Consuming Resources

Countermeasures

Circumventing Policies

Violating Low-Level Code Safety

Policy Association

Security Checking

Defenses

Conclusion

Glossary

Cross References

References

INTRODUCTION

Java was introduced in 1995 as a high-level programming language together with an intermediate language, the Java Virtual Machine language (JVML, sometimes called Java byte codes), and an execution platform, the Java Virtual Machine (Java VM), designed for the secure execution of programs from untrusted sources in Web browsers (Gosling, 1995). These small programs, intended to execute within larger applications, are known as applets. Java runs on a wide range of platforms, scaling from the Java Card smart card environment (Chen, 2000) to the Java 2 Enterprise Edition (J2EE) for large component-based enterprise applications (Singh, Stearns, Johnson, & the Enterprise Team, 2002). This chapter focuses on the Java 2 Platform, Standard Edition (J2SE), which is the most common platform for desktop applications and servers, including Web browsers. Most of the security issues are the same across all Java platforms, however. Because of the limited functionality of the Java Card environment, ...
