Presentation is loading. Please wait.

Presentation is loading. Please wait.

Java Security Nathan Moore CS 665. Overview Survey of Java Inherent Security Properties Java Runtime Environment Java Virtual Machine Java Security Model.

Published byWesley Parrish Modified over 8 years ago

Similar presentations

Presentation on theme: "Java Security Nathan Moore CS 665. Overview Survey of Java Inherent Security Properties Java Runtime Environment Java Virtual Machine Java Security Model."— Presentation transcript:

1 Java Security Nathan Moore CS 665

2 Overview Survey of Java Inherent Security Properties Java Runtime Environment Java Virtual Machine Java Security Model and Java Security Architecture Java 6 SE Security Extensions Known Vulnerabilities of Java Future of Java Security

3 Inherent Java Security (1) Every entity has an associated Access Level: Public, Protected, Default/Package, Private Provides encapsulation A strongly typed language: Restrictions on how data types can be mixed No direct memory access No notion of pointers Entities are accessed via references (by name) Variables must be initialized before they are used

4 Inherent Java Security (2) Objects can’t be arbitrarily cast into other objects (ensures a type safe environment): Strict use of extends, implements (inheritance) Compile time type checking of casting Programmers stringently declare the types of all storage locations and return values

5 Inherent Java Security (3) Common exceptions can easily be caught/thrown during run time NullPointer, ArrayIndexOutOfBounds, etc. Provides automatic memory management, garbage collection, and array range- checking Compiler and virtual machines perform compile time and run time checks (respectively)

6 The Java Runtime Environment (JRE) Consists of the Java Virtual Machine (JVM) and Class Libraries JVM: available for most platforms, provides the environment for java bytecode to execute Class Libraries: The Core Java API, contains classes for language support and added functionality

7 Java Virtual Machine (JVM) Platform Independence: “Write once, run anywhere!” Is an abstract virtual machine Diff. implementations: Sun, IBM, Oracle, MS Each thread has its own stack Typical instruction set: Load/Store, Arithmetic, etc. Interprets bytecode generated by Java compilers

8 Why Java Needs Security Source Code Compiler Web Browser Byte Code Web Server JVM Internet Local System Resources External Control over System Resources

9 Java Sandbox Model gives untrusted code a place to “play”

10 Java 2 Security Model All local or remote code passes through a Security Policy to determine what resources it has access to Configurable Security Policies provides fine- grained access control May or may not be provided, default security settings exist for untrusted code

11 Java 2 Security Model (2)

12 Stage 1: Accessing the Classes Need to get the local and remote classes required for program execution By default: only built in (Core API) code is trusted Local, Remote (Applet) code is untrusted Byte Code Verifier: performs checks on untrusted code file format, object references, method calls, parameter and return value validity, pointer forgery, stack overflows, array indices, etc.

13 Stage 2: Loading Classes Class Loader: uses dynamic linking to load classes at runtime Loads from different locations (file system/classpath, applet class) Prevents class spoofing (has been bypassed) Manages Java’s namespace definitions (naming scope) cs665.String vs. Java.lang.String Consults the Security Manager to see is program has permission to access a class

14 Stage 3: Program Execution Security Manager: Core component for implementing a custom Policy queried by the JVM each time untrusted code attempts to access a system resource Uses Access Controller to see if queries are permitted, throws a generic Security Exception otherwise

15 Stage 3: Policy Class (Dev) Manages class permissions to system resources Protection Domains: can associate one or more classes with a set of permissions Policy assigns each class to a Protection Domain

16 Stage 3: AccessController Class Invoked by the Security Manager Makes a decision based on: class domain in the Security Policy, and a stack inspection Stack inspection: a check on a sequence of class calls for resources and their resulting approval or denial

17 Default Security Protection Only built in, Core API code is trusted Applets are restricted from: Local file system access Creating network connections Creating security components (e.g.. Class Loader) Accessing user information Applications: No default security restrictions Implementing a Security Manager is optional

18 Java Cryptography Architecture (JCA) Part of Java SE 6, supports use of third party packages and is itself a “provider” Provides many different security services: digital signatures message digests: SHA-1 certificates and certificate validation: X.509 symmetric/asymmetric block/stream ciphers encryption: DSA, RSA key generation and management secure random number generation

19 JCA Ex: A Public Key and Signature (packaged as a Certificate) can be used to verify code integrity and validity of source

20 Java Authentication and Authorization Service (JAAS) Java Authentication and Authorization Service Can be used for two purposes: authentication of users authorization of users Provides access controls based on who the user is and that users associated permissions Upon user authentication, JAAS coordinates with the Security Manager and Access Controller

21 Custom Security Models Components of the Security Architecture (except for Verifier) are customizable Users: can specify own local security policy Policy Tool: GUI used to customize JRE Policy Developers: can customize everything else (Security Manager, Policy, AccessController, etc.) can use JCA and JAAS Users are responsible for their own protection

22 Security Weaknesses Fine-grained control with a price: complexity Relies on user to secure their own environment via a complex Policy Tool JVM Implementations: each have their own unique vulnerabilities Reverse engineering of class files to source code (obfuscation is not the answer) Many severe flaws have been addressed over the evolution of Java and the JVM

23 Famous Exploits (fixed) Jumping the Firewall: the only network connection an Applet can make is to its server of origin Steve Gibbons bypassed this security measure in 1996 using a DNS security flaw Slash and Burn: exploited the Dots and Slashes rule, which is used to search for local class files Malicous applets were able to execute

24 The Future of Java Security Java SE 6 is fully open source under GPL license Common misconceptions: o pen source = open code (i.e. insecure) Reality: open sourcing Java allows all aspects to be scrutinized by thousands of people Community Impact: existing security flaws will be publicized and addressed swiftly Many services are already provided, the next step is making them easier to use (hopefully!)

Download ppt "Java Security Nathan Moore CS 665. Overview Survey of Java Inherent Security Properties Java Runtime Environment Java Virtual Machine Java Security Model."

Similar presentations

Towards Remote Policy Enforcement for Runtime Protection of Mobile Code Using Trusted Computing Xinwen Zhang Francesco Parisi-Presicce Ravi Sandhu www.list.gmu.edu.

Towards Remote Policy Enforcement for Runtime Protection of Mobile Code Using Trusted Computing Xinwen Zhang Francesco Parisi-Presicce Ravi Sandhu
© 2003 School of Computing, University of Leeds SY32 Secure Computing, Lecture 16 Secure Coding in Java and.NET Part 1: Fundamentals.

© 2003 School of Computing, University of Leeds SY32 Secure Computing, Lecture 16 Secure Coding in Java and.NET Part 1: Fundamentals.
Enabling Secure Internet Access with ISA Server

Enabling Secure Internet Access with ISA Server
Introduction To Java Objectives For Today â Introduction To Java â The Java Platform & The (JVM) Java Virtual Machine â Core Java (API) Application Programming.

Introduction To Java Objectives For Today â Introduction To Java â The Java Platform & The (JVM) Java Virtual Machine â Core Java (API) Application Programming.
Java Applet Security Diana Dong CS 265 Spring 2004.

Java Applet Security Diana Dong CS 265 Spring 2004.
Java security (in a nutshell)

Java security (in a nutshell)
Applet Security Gunjan Vohra. What is Applet Security? One of the most important features of Java is its security model. It allows untrusted code, such.

Applet Security Gunjan Vohra. What is Applet Security? One of the most important features of Java is its security model. It allows untrusted code, such.
COEN 351: E-Commerce Security

COEN 351: E-Commerce Security
Java Security CS-328. JDK 1.0 Security Model Sandbox Java Virtual Machine Local Code Remote Code Local Host System Resources (File System, Sockets, Printers…)

Java Security CS-328. JDK 1.0 Security Model Sandbox Java Virtual Machine Local Code Remote Code Local Host System Resources (File System, Sockets, Printers…)
Dan Sedlacek CTO, Systems Management Group Sterling Software Java Security and Encryption.

Dan Sedlacek CTO, Systems Management Group Sterling Software Java Security and Encryption.
Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & email) Java Security on the Browser Java Security in the Enterprise.

Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & ) Java Security on the Browser Java Security in the Enterprise.
Mobile Code Security Aviel D. Rubin, Daniel E. Geer, Jr. MOBILE CODE SECURITY, IEEE Internet Computing, 1998 Minkyu Lee 2007. 04. 23.

Mobile Code Security Aviel D. Rubin, Daniel E. Geer, Jr. MOBILE CODE SECURITY, IEEE Internet Computing, 1998 Minkyu Lee
Lab Information Security Using Java (Review) Lab#0 Omaima Al-Matrafi.

Lab Information Security Using Java (Review) Lab#0 Omaima Al-Matrafi.
Lab#1 (14/3/1431h) Introduction To java programming cs425

Lab#1 (14/3/1431h) Introduction To java programming cs425
Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)

Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)
LAB#2 JAVA SECURITY OVERVIEW Prepared by: I.Raniah Alghamdi.

LAB#2 JAVA SECURITY OVERVIEW Prepared by: I.Raniah Alghamdi.
Object Orientated Programming

Object Orientated Programming
1 Extensible Security Architectures for Java Authors: Dan S.Wallch, Dirk Balfanz Presented by Moonjoo Kim.

1 Extensible Security Architectures for Java Authors: Dan S.Wallch, Dirk Balfanz Presented by Moonjoo Kim.
Edward Tsai – CS 239 – Spring 2003 Strong Security for Active Networks CS 239 – Network Security Edward Tsai Tuesday, May 13, 2003.

Edward Tsai – CS 239 – Spring 2003 Strong Security for Active Networks CS 239 – Network Security Edward Tsai Tuesday, May 13, 2003.
Prepared By E.Musa Alyaman1 Chapter 2 The Java Overview.

Prepared By E.Musa Alyaman1 Chapter 2 The Java Overview.

Similar presentations

Ads by Google