Entry Sun:2013:BJW from tissec.bib

Last update: Sun Oct 15 02:58:48 MDT 2017                Valid HTML 3.2!

Index sections

Top | Symbols | Numbers | Math | A | B | C | D | E | F | G | H | I | J | K | L | M | N | O | P | Q | R | S | T | U | V | W | X | Y | Z

BibTeX entry

@Article{Sun:2013:BJW,
  author =       "Mengtao Sun and Gang Tan and Joseph Siefers and Bin
                 Zeng and Greg Morrisett",
  title =        "Bringing {Java}'s wild native world under control",
  journal =      j-TISSEC,
  volume =       "16",
  number =       "3",
  pages =        "9:1--9:??",
  month =        nov,
  year =         "2013",
  CODEN =        "ATISBQ",
  DOI =          "https://doi.org/10.1145/2535505",
  ISSN =         "1094-9224 (print), 1557-7406 (electronic)",
  ISSN-L =       "1094-9224",
  bibdate =      "Mon Dec 9 11:22:22 MST 2013",
  bibsource =    "http://portal.acm.org/;
                 http://www.math.utah.edu/pub/tex/bib/java2010.bib;
                 http://www.math.utah.edu/pub/tex/bib/tissec.bib;
                 http://www.math.utah.edu/pub/tex/bib/virtual-machines.bib",
  abstract =     "For performance and for incorporating legacy
                 libraries, many Java applications contain native-code
                 components written in unsafe languages such as C and
                 C++. Native-code components interoperate with Java
                 components through the Java Native Interface (JNI). As
                 native code is not regulated by Java's security model,
                 it poses serious security threats to the managed Java
                 world. We introduce a security framework that extends
                 Java's security model and brings native code under
                 control. Leveraging software-based fault isolation, the
                 framework puts native code in a separate sandbox and
                 allows the interaction between the native world and the
                 Java world only through a carefully designed pathway.
                 Two different implementations were built. In one
                 implementation, the security framework is integrated
                 into a Java Virtual Machine (JVM). In the second
                 implementation, the framework is built outside of the
                 JVM and takes advantage of JVM-independent interfaces.
                 The second implementation provides JVM portability, at
                 the expense of some performance degradation. Evaluation
                 of our framework demonstrates that it incurs modest
                 runtime overhead while significantly enhancing the
                 security of Java applications.",
  acknowledgement = ack-nhfb,
  articleno =    "9",
  fjournal =     "ACM Transactions on Information and System Security",
  journal-URL =  "http://portal.acm.org/browse_dl.cfm?idx=J789",
}

Related entries