Presentation is loading. Please wait.

Presentation is loading. Please wait.

Rob Jaeger, University of Maryland, Department of Computer Science 1 Programmable Network Devices: A Revolution! Robert F. Jaeger University of Maryland.

Published byLorena Gregory Modified over 8 years ago

Similar presentations

Presentation on theme: "Rob Jaeger, University of Maryland, Department of Computer Science 1 Programmable Network Devices: A Revolution! Robert F. Jaeger University of Maryland."— Presentation transcript:

1 Rob Jaeger, University of Maryland, Department of Computer Science 1 Programmable Network Devices: A Revolution! Robert F. Jaeger University of Maryland Department of Computer Science rfj@cs.umd.edu

2 Rob Jaeger, University of Maryland, Department of Computer Science 2 Programmable Network Devices Openly Programmable devices enable new types of intelligence on the network

3 Rob Jaeger, University of Maryland, Department of Computer Science 3 Agenda Local Computation New types of applications Programmable and Active Networks Network Services Architecture Issues Summary

4 Rob Jaeger, University of Maryland, Department of Computer Science 4 Changing the Rules of the Game Move Turing Machine onto device –Run non-vendor/non-bundled applications on network device while (true) { doLocalProcessingOnDevice() }

5 Rob Jaeger, University of Maryland, Department of Computer Science 5 Non-vendor/Non-bundled Applications Reversed Applets non-bundled application Server The JVM is in the Device: supports non-bundled apps Web Server Web Browser Applet The JVM is in the Browser Download applications for local processing Download applications for local processing

6 Rob Jaeger, University of Maryland, Department of Computer Science 6 The Web Changed Everything Browsers –Introducing JVM to browsers allowed dynamic loading of Java Applets to end stations Routers –Introducing JVM to routers allows dynamic loading of Java Oplets to routers This Capability WILL Change Everything

7 Rob Jaeger, University of Maryland, Department of Computer Science 7 Architecture to Augment Vendor- Provided Software Supports non-vendor applications End-user custom application development –Tight interaction between business applications and network devices Domain experts who understand business goals Innovative approaches –“Features on Demand” download software services dynamically add new capabilities

8 Rob Jaeger, University of Maryland, Department of Computer Science 8 Java-based Application Paradigm Shift Supports distributed computing applications in which network devices participate –router to router –server to router Java-based Application Java-based Application

9 Rob Jaeger, University of Maryland, Department of Computer Science 9 Network Device Dynamic loading Example: Downloading Intelligence Example: Downloading Intelligence HW OS JVM React Monitor Authentication Security Intelligence application

10 Rob Jaeger, University of Maryland, Department of Computer Science 10 Device-based Intelligence Static-vs-Dynamic Agents –Static SNMP set/get mechanisms Telnet, User Interfaces (cli, web, etc…) –Dynamic closed-loop interaction on nodes capable of dealing with new and difficult situations autonomous and rational properties system monitoring & modification report status and trends

11 Rob Jaeger, University of Maryland, Department of Computer Science 11 Agenda Local Computation New types of Applications Programmable and Active Networks Network Services Architecture Issues Summary

12 Rob Jaeger, University of Maryland, Department of Computer Science 12 New Types of Applications Mobile Agents Local Intelligence for NMS Application layer collaboration among routers Distributed computing involving network devices and servers E-commerce

13 Rob Jaeger, University of Maryland, Department of Computer Science 13 Mobile Agents Intrusion Detection - Hacker Chaser Traceroute for Layer 2 Mobile Connectivity Mapper

14 Rob Jaeger, University of Maryland, Department of Computer Science 14 Local Intelligence for NMS: Diagnostic Agents Download Intelligent Agent monitor from NMS to the device. Wait for threshold. Might be complex conditions Trend analysis Send “condition exceeded” event to NMS. Automatic download appropriate application Application takes action. Monitor Appropriate Application Download Complex Condition Exceeded NMS No more polling router Extensive access to internal resources

15 Rob Jaeger, University of Maryland, Department of Computer Science 15 Application Layer Collaboration Among Routers and Servers Multicast Caching Web Caching Server farm load balancing –server state monitored –rerouting based on congestion/load Auctioning Applications

16 Rob Jaeger, University of Maryland, Department of Computer Science 16 E-Commerce Example Business logic based operation changes Resize forwarding queues Modify congestion control algorithm Adjust Packet Scheduling Change routing table

17 Rob Jaeger, University of Maryland, Department of Computer Science 17 Agenda Local Computation New types of applications Programmable and Active Networks Architecture Issues Summary

18 Rob Jaeger, University of Maryland, Department of Computer Science 18 Programmable Networks IEEE P1520 Working Group Benefits of Standard Network APIs –separation of service business/vendor business ISP resources visible for controlled modification 3rd party signaling vendors –faster standardization –extensibility –richer semantics e.g. dynamic binding http://www.ieee-pin.org

19 Rob Jaeger, University of Maryland, Department of Computer Science 19 Programmable Networks IETF - vs- IEEE P1520 –IEFT - Internet standardized algorithms and protocol semantics –P1520 standardized programming interfaces MPLS Example –Create IDL that captures the programmability requirements of IP routers/switches from MPLS algorithm perspective –Common interface definitions would be used by RSVP, LDP, or traffic engineering

20 Rob Jaeger, University of Maryland, Department of Computer Science 20 The P1520 Reference Model Algorithms for value-added communication services created by network operators, users, and third parties Algorithms for routing and connection management, directory services etc. Value Added Services Level Virtual Network Device (software representation) Physical Elements (hardware, namespace) L interface Network Generic Services Level Virtual Network Devices Level End User Applications V interface U interface CCM interface PE Level

21 Rob Jaeger, University of Maryland, Department of Computer Science 21 Active Networking “ The active network provides a platform on which network services can be experimented with, developed, and deployed” http://www.darpa.mil/ito/research/anets/index.html

22 Rob Jaeger, University of Maryland, Department of Computer Science 22 Active Network Objectives Minimize amount of global agreement –Do not require global agreement to support dynamic modification of the network Support fast-path processing optimization Scale to very large global active networks Provide mechanisms to ensure security and robustness of nodes and of the network Provide mechanisms to support different QoS/CoS

23 Rob Jaeger, University of Maryland, Department of Computer Science 23 Active Network Architecture NodeOS - manages resources for the node Execution Environment - –provides an API to applications or –a shell interface through which end-to-end nework services can be accessed. Active Applications - implementation of network services which utilize the local computation and access to router resources.

24 Rob Jaeger, University of Maryland, Department of Computer Science 24 Node Operating System Latest Specification (June 15, 1999) Abstractions –Channels –Memory Pools –Thread Pools –Files –Flows

25 Rob Jaeger, University of Maryland, Department of Computer Science 25 NodeOS - Channels Flows create channels to send, receive and forward packets –InChan - receives packet from network to EE –OutChan - puts packets onto the network from EE –CutChan - bypasses the Execution Environment Bandwidth Limitation Buffer Pool -- queued pkts NodeOs Execution Environment CutChan OutChanInChan Transmission Facilities Applications...

26 Rob Jaeger, University of Maryland, Department of Computer Science 26 Active Network Encapsulation Protocol Routes AN packets to EEs ANEP_PORT = udp 3322 TypeID identifies EE Tag Length Values (TLVs) –specify source/dest IP addresses –port numbers –Payload NodeOS ANTS Execution Environment typeID=18 PLAN Execution Environment ANEPd Transmission Facilities typeID=19

27 Rob Jaeger, University of Maryland, Department of Computer Science 27 NodeOS - Memory Pools Combines memory for one or more flows Shared by threads within flows mmap-style interface to page allocation flow in which thread runs charged for resource EE notified when flow exceeds limits Flow (and associated threads) terminated upon violation

28 Rob Jaeger, University of Maryland, Department of Computer Science 28 NodeOS - Thread Pools Computational Abstraction –Number of threads in Pool –Scheduler to be used (round robin, … ) –Max execution time between yields –Per thread stack size No explicit operation for creation/ termination -- activated by events Termination of flow if thread misbehaves

29 Rob Jaeger, University of Maryland, Department of Computer Science 29 NodeOS - File Not Manditory Provides Persistent Storage EE specific view of filesystem –via namespace(AN/ANTS; AN/PANTS) Shared Memory for inter-EE communication

30 Rob Jaeger, University of Maryland, Department of Computer Science 30 NodeOS - Flows Primary abstraction for accounting, admission control, and scheduling Flow consists of: –Channels –Memory –Threads Flow can be –Execution Environments –Active Applications NodeOs Execution Environment CutChan OutChanInChan Transmission Facilities Applications...

31 Rob Jaeger, University of Maryland, Department of Computer Science 31 ANTS Execution Environment Facilitates deploying new protocols and services in network Toolkit for implementing an active network –Active Nodes –Network Nodes NodeOs ANTS Execution Environment CutThru OutChanInChan Mobile CodeMulticast Ping

32 Rob Jaeger, University of Maryland, Department of Computer Science 32 ANTS Execution Environment Capsules are the unit of transfer for data and code –source & destination addresses –previous node address –resource limits –encoding and evaluation methods methods –Protocol/Group/Method ID access methods Data Capsule –source & destination port numbers –identifies active application

33 Rob Jaeger, University of Maryland, Department of Computer Science 33 ANTS Code Distribution “Node” object is core of Runtime System –UDP Channels –Methods to Send/Receive Capsules –Supports numbers applications identified by port number Consists of Built-in protocols Accepts registration of new protocol –capsule code stored in code cache –signature (hash) computed for code

34 Rob Jaeger, University of Maryland, Department of Computer Science 34 ANTS Code Distribution Allows Definition of additional protocols –Protocol –Code Group (transitive closure of calls) Dynamic Code Distribution via Capsules –Capsule arrives and node can’t evaluate it protocol not on active node must request packet from previous active node –DLBootstrap Capsule –DLRequest Capsule –DLResponse Capsule

35 Rob Jaeger, University of Maryland, Department of Computer Science 35 ANTS Execution Environment AN_Ping Application NodeOS ANTS Execution Environment OutChan InChan AN_Ping Application Ping Capsule NodeOS ANTS Execution Environment OutChanInChan DLBootstrap Capsule DLRequest Capsule DLResponse Capsule

36 Rob Jaeger, University of Maryland, Department of Computer Science 36 Agenda Local Computation New types of applications Programmable and Active Networks Architecture Issues Summary

37 Rob Jaeger, University of Maryland, Department of Computer Science 37 Open Device Architecture Download Service Device HW Operating System JVM Java Service Java Service Java Lib C/C++ API Java API Device Code DataCom API Native Code Device Drivers JNI

38 Rob Jaeger, University of Maryland, Department of Computer Science 38 SNMP API for Network Mgmt API is generated automatically Device-based monitoring –Query MIB –Identify trends Initiate action locally –Report trends and/or significant events –Download problem specific diagnostic code –Take corrective action

39 Rob Jaeger, University of Maryland, Department of Computer Science 39 MIB API Example API uses a MIB Map to dispatch requests to variable access routines Different parts of the MIB tree can be serviced by different mechanisms An ad hoc interface to the SNMP instrumentation layer A generic SNMP loopback

40 Rob Jaeger, University of Maryland, Department of Computer Science 40 Java Network Services Environment Service 2 Java Virtual Machine JavaResouceManager Java Network Services Environment Service 3 Service 1 dependencies Service 4

41 Rob Jaeger, University of Maryland, Department of Computer Science 41 Our Prototype Java Environment Present RTOS with single unified task that includes: –Java VM (JVM) –Java Resource Manager (JRM) thread scheduling manages CPU utilization –JVM time-slice is managed by the JRM preemptive thread scheduler internal memory manager (intercepts “new”) garbage collection with priority based on available memory

42 Rob Jaeger, University of Maryland, Department of Computer Science 42 Why Java Dynamic class loading Reuse security mechanisms –Byte-code Verifier –Security Manager –Class Loader System stability –Constrain applications to the Java VMs –Prohibit native code applications Extensible, portable, & distributable services

43 Rob Jaeger, University of Maryland, Department of Computer Science 43 But Java is slooowwwww Not appropriate in the fast-path data forwarding plane –forwarding is done by ASICs –packet processing not affected Java applications run on the CPU –Packets destined for Java application are pushed into the control plane

44 Rob Jaeger, University of Maryland, Department of Computer Science 44 Agenda Openness Local Computation New type of applications Programmable and Active Networks Architecture Issues & Questions Summary

45 Rob Jaeger, University of Maryland, Department of Computer Science 45 Architecture Issues Approach 1: Native Threads One JVM per principle One RTOS task per JVM Non-interference between Java applications Difficult thread-to-thread communication and sharing of data between threads Creates a dependency on underlying RTOS Multiple JVM instances consume resources

46 Rob Jaeger, University of Maryland, Department of Computer Science 46 Architecture Issues Approach 2: Single JVM - Green Threads Present one unified task to the RTOS JVM manages CPU & memory resources between competing threads; Propagation of component failure Requires modifications to the JVM Binding of resources to the JVM

47 Rob Jaeger, University of Maryland, Department of Computer Science 47 Security Issues Old model: Cannot isolate core router functions –Dangerous Pointers (C/C++) Can touch sensitive memory location –Risk: Memory allocations and Free Allocation without freeing (leaks) Free without allocation (core dump !!!! ) Limited security in SNMP

48 Rob Jaeger, University of Maryland, Department of Computer Science 48 Security and Stability secure download of Java Applications safe execution environment –insulate core router applications from dynamically loaded applications –protect services from one another

49 Rob Jaeger, University of Maryland, Department of Computer Science 49 Strong Security in the new model The new concept is to securely download 3rd party code to network devices –Digital Signature –Administratively Certified Services –Access only to the published API –Verifier - only correct code is loaded –Class loader access list –No pointers that can do harm –No access outside the JVM space –JVM has run time bounds, type, and execution checking

50 Rob Jaeger, University of Maryland, Department of Computer Science 50 Language Based Protection Type Safety –Reference to Objects, not random memory –Inappropriate accesses to memory not allowed Restricts what operations code can perform on what memory locations operations on objects must be valid for that object –dynamic access control (via reference) –static access control (via public, private)

51 Rob Jaeger, University of Maryland, Department of Computer Science 51 Access Control [6] class A { private int i; public int j; public static void method1() { A a1 = new A(); A a2 = new A(); B.method2(a1); } } class B public static void method2 (A arg) { arg.j++; arg.i++; // illegal } - method2 has access to public j but not to private i - method2 cannot forge a reference to a2 given the a1 reference

52 Rob Jaeger, University of Maryland, Department of Computer Science 52 How to Access a Class 1. Must get Class Object a. Class is in classpath (not secure on net) b. Class reference is available (visible) c. Have a ClassLoader Object to load Class 2. Reference to Object 3. Method access control (public) For static methods, need just 1 and 3

53 Rob Jaeger, University of Maryland, Department of Computer Science 53 Class Loaders Load new classes into the JVM at runtime –fetches code from URL or file –submits to JVM for verification –integrates code into JVM for execution –references to other classes causes additional class loader invocations Enforces protection - expose visibility and hiding –classes see classes loaded by same classloader –can use class loaders to expose classes

54 Rob Jaeger, University of Maryland, Department of Computer Science 54 NameSpaces A namespace is –a set of unique names of classes loaded by a Class Loader and the binding of each name to a specific class object –variables, methods, & type names are all different instances in different domains

55 Rob Jaeger, University of Maryland, Department of Computer Science 55 Cross Domain Communication Desire that Protection Domains share classes and NOT require same Class Loader How do we achieve this? –Runtime System to provide communication between components. –Java Network Service Environment –What is the policy?

56 Rob Jaeger, University of Maryland, Department of Computer Science 56 Building Protection Domains Use multiple namespaces –Variables, methods, type names are all different instances in different domains –Could use Object references for cross-domain communication e.g. FileSystemInterface –Selective class sharing –Problems result

57 Rob Jaeger, University of Maryland, Department of Computer Science 57 Protection Domains - Revocation Access to an object reference cannot be revoked Wrap object with revocable object that is a delegator to real object –all methods wrapped Programmer may forget to wrap objects referenced by wrapped object (tracking problem)

58 Rob Jaeger, University of Maryland, Department of Computer Science 58 Protection Domains: Revocation [6] class A { public int method1(int a1, int a2); } class AWrapper { private A a; private boolean revoked; public int method1(int a1, int a2) { if (!revoked) return a.meth1(a1, a2) ; else throw new RevokedException; } public void revoke() {revoked=true;} public AWrapper (A realA) { a = realA; revoked = false; } }

59 Rob Jaeger, University of Maryland, Department of Computer Science 59 Protection Domains: Inter- domain dependencies Sharing Object references between domains Mutable shared objects can be changed Malious attack: –pass byte array w/ legal bytecode to classloader –once verified, overwrite with illegal bytecode Should copy bytecode to classloader, not pass reference

60 Rob Jaeger, University of Maryland, Department of Computer Science 60 Protection Domains: Termination Upon domain termination: –should all references obtained be released? two Strings in different domains may reference the same byte array –should object be kept alive if referenced by other domains? clients could hold onto references to objects of a dead server

61 Rob Jaeger, University of Maryland, Department of Computer Science 61 Protection Domains: Threads Method invocation for cross domain calls both execute in same thread –caller blocks until callee returns how does caller back out gracefully? –untrusted domain calls stop() or suspend after calling trusted method -- state left unstable and blocked –untrusted callee can block caller that may be in critical section

62 Rob Jaeger, University of Maryland, Department of Computer Science 62 Protection Domains: Accounting How do you account for resources obtained by a domain? –CPU cycles –Memory pages –Bandwidth on a channel

63 Rob Jaeger, University of Maryland, Department of Computer Science 63 Safety Precise definition of protection domains –local object –non-local shared objects (capability objects) Define communication channels between protection domains Support revocation capabilities Define semantics for domain termination

64 Rob Jaeger, University of Maryland, Department of Computer Science 64 J-Kernel Class Loaders Each Classloader defines a namespace –must manage & secure namespace –can modify bytecodes –creates stub code for cross-domain communication -- use local RMI calls –substitutes “safe” versions of standard classes e.g. file system access

65 Rob Jaeger, University of Maryland, Department of Computer Science 65 J Kernel Concepts Capabilities: –handles to resources in other domains –revoke access by setting handle to null –client throws an exception Domain: –each domain has a namespace and threads under its control –shared classes –capabilities access is revoked upon termination

66 Rob Jaeger, University of Maryland, Department of Computer Science 66 J Kernel Concepts Cross domain calls: – use calls to “capability” methods using LRMI –special calling convention pass by Reference: arguments and return values if they are Capability Objects--- references not shared outside domain passed by Copy: if NOT Capability Objects or primitive types rules are applied recursively (deep copy) –Stubs to methods are created at run-time simulate thread switching for save method calls –Capabilities are shared between domains

67 Rob Jaeger, University of Maryland, Department of Computer Science 67 Observations Expensive –method invocation via stubs –simulated thread switching (and thread switching) acquire/releasing of locks cheaper than real thread switching (50% of cost) –looking up the current thread –argument copying is expensive

68 Rob Jaeger, University of Maryland, Department of Computer Science 68 Questions How do you insulate core router functionality? How do you securely download code? How do you do resource accounting? How do you assure resource safety? –fair share or priority share quotas? CPU Memory Bandwidth

69 Rob Jaeger, University of Maryland, Department of Computer Science 69 Questions Native or Green Threads? How do you protect services from one another (trusted -vs- untrusted)? –stable state for critical sections –enforce return from untrusted method –kill untrusted threads –security manager rejects forbidden actions

70 Rob Jaeger, University of Maryland, Department of Computer Science 70 Agenda Openness Local Computation New type of applications Programmable and Active Networks Architecture Issues Summary

71 Rob Jaeger, University of Maryland, Department of Computer Science 71 Summary –Turing Machine on network devices –dynamic agents vs. static agents –dynamic loading –strong security through JVM –safety among shared components via Java Network Services Environment Enabling Technology for the Revolution

72 Rob Jaeger, University of Maryland, Department of Computer Science 72 References [1] P.Bernadat, D. Lambright, and F. Travostino, “Towards a Resource-safe Java for Service- Guarantees in Uncooperative Environments,” IEEE Symposium on Programming Languages for Real-time Industrial Applications (PLRTIA) ‘98, Madrid, Spain, Dec. ‘98. [2] Active Networking Node OS Working Group, NodeOS Interface Specification", June 15, 1999 [3] Active Networks Working Group, "Architectural Framework for Active Networks Version 0.9", August 31, 1999 [4] T. Lavian, R. Jaeger, "Open Programmable Architecture for Java-enable Network Devices", Stanford Hot Interconnects, August 1999. [5] D. Wetherall et al. ANTS: A Toolkit for Building andDynamically Deploying Network Protocols. OPENARACH'98 [6] C. Hawblitzel, C. Chang, G. Czajkowski, D. Hu, T. von Eicken, “Implementing Multiple Protection Domains in Java”, 1998 USENIX Annual Technical Conference, New Orleans, LA, June 1998 [7] R. Jaeger, T. Lavian, R. Duncan, “Open Programmable Architecture for Java-enabled Network Devices”, To be presented at LANMAN ‘99, Sydney, Australia, November 1999

Download ppt "Rob Jaeger, University of Maryland, Department of Computer Science 1 Programmable Network Devices: A Revolution! Robert F. Jaeger University of Maryland."

Similar presentations

Operating Systems Components of OS

Operating Systems Components of OS
COS 461 Fall 1997 Network Objects u first good implementation: DEC SRC Network Objects for Modula-3 u recent implementation: Java RMI (Remote Method Invocation)

COS 461 Fall 1997 Network Objects u first good implementation: DEC SRC Network Objects for Modula-3 u recent implementation: Java RMI (Remote Method Invocation)
Operating System Structures

Operating System Structures
Department of Computer Science and Engineering University of Washington Brian N. Bershad, Stefan Savage, Przemyslaw Pardyak, Emin Gun Sirer, Marc E. Fiuczynski,

Department of Computer Science and Engineering University of Washington Brian N. Bershad, Stefan Savage, Przemyslaw Pardyak, Emin Gun Sirer, Marc E. Fiuczynski,
The road to reliable, autonomous distributed systems

The road to reliable, autonomous distributed systems
1 Improving the Performance of Distributed Applications Using Active Networks Mohamed M. Hefeeda 4/28/1999.

1 Improving the Performance of Distributed Applications Using Active Networks Mohamed M. Hefeeda 4/28/1999.
Notes to the presenter. I would like to thank Jim Waldo, Jon Bostrom, and Dennis Govoni. They helped me put this presentation together for the field.

Notes to the presenter. I would like to thank Jim Waldo, Jon Bostrom, and Dennis Govoni. They helped me put this presentation together for the field.
Contiki A Lightweight and Flexible Operating System for Tiny Networked Sensors Presented by: Jeremy Schiff.

Contiki A Lightweight and Flexible Operating System for Tiny Networked Sensors Presented by: Jeremy Schiff.
Open Innovation via Java-enabled Network Devices Tal Lavian

Open Innovation via Java-enabled Network Devices Tal Lavian
Edward Tsai – CS 239 – Spring 2003 Strong Security for Active Networks CS 239 – Network Security Edward Tsai Tuesday, May 13, 2003.

Edward Tsai – CS 239 – Spring 2003 Strong Security for Active Networks CS 239 – Network Security Edward Tsai Tuesday, May 13, 2003.
G22.3250-001 Robert Grimm New York University Extensibility: SPIN and exokernels.

G Robert Grimm New York University Extensibility: SPIN and exokernels.
Extensibility, Safety and Performance in the SPIN Operating System Brian Bershad, Stefan Savage, Przemyslaw Pardyak, Emin Gun Sirer, Marc E. Fiuczynski,

Extensibility, Safety and Performance in the SPIN Operating System Brian Bershad, Stefan Savage, Przemyslaw Pardyak, Emin Gun Sirer, Marc E. Fiuczynski,
Run time vs. Compile time

Run time vs. Compile time
Rob Jaeger, University of Maryland, Department of Computer Science 1 Active Networking “ The active network provides a platform on which network services.

Rob Jaeger, University of Maryland, Department of Computer Science 1 Active Networking “ The active network provides a platform on which network services.
Unified Device Management via Java-enabled Network Devices Tal Lavian Rob Duncan Bay Architecture Lab, Santa.

Unified Device Management via Java-enabled Network Devices Tal Lavian Rob Duncan Bay Architecture Lab, Santa.
Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access memory.

Operating Systems Concepts 1. A Computer Model An operating system has to deal with the fact that a computer is made up of a CPU, random access memory.
What do operating systems do? manage processes manage memory and computer resources provide security features execute user programs make solving user.

What do operating systems do? manage processes manage memory and computer resources provide security features execute user programs make solving user.
Session-02. Objective In this session you will learn : What is Class Loader ? What is Byte Code Verifier? JIT & JAVA API Features of Java Java Environment.

Session-02. Objective In this session you will learn : What is Class Loader ? What is Byte Code Verifier? JIT & JAVA API Features of Java Java Environment.
Page 1 Sandboxing & Signed Software Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.

Page 1 Sandboxing & Signed Software Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.
Java Security Updated May 2007. Topics Intro to the Java Sandbox Language Level Security Run Time Security Evolution of Security Sandbox Models The Security.

Java Security Updated May Topics Intro to the Java Sandbox Language Level Security Run Time Security Evolution of Security Sandbox Models The Security.

Similar presentations

Ads by Google