Full-Text Search:
Home|Journal Papers|About CNKI|User Service|FAQ|Contact Us|中文
《Acta Electronica Sinica》 2013-01
Add to Favorite Get Latest Update

A Full Automatic Detection Method for Security Policy of JVM Run-Time Library

WU Rong-hui,WANG Ning,SUN Jian-hua,CHEN Hao,CHEN Zhi-wen(School of Information Science and Engineering,Hunan University,Changsha,Hunan 410082,China)  
JVM run-time library can implement various security policies by calling the library functions of its own,one of the extremely important security policy requires that sensitive operations must be performed after access control permissions checks.Traditionally it relies manual analysis to ensure that the JVM run-time library satisfy this security policy.Java standard library,covering thousands of classes,tens of thousands of methods,is in rapid development and high-rate evolution.It is time-consuming and error-prone to analyze the security policy artificially.This paper presents a full automatic,efficient and rapid model detection method for evaluating that whether the JVM in compliance with this security policy.Scanning the byte code files of Java standard class library,generating control flow graph of the member methods,our method can work out method summary by taint analysis after defining detecting model and automatically detect the risky methods.
【Fund】: 国家自然科学基金(No.60803130 No.61173166);; 湖南大学“青年教师成长计划”
【CateGory Index】: TP311.10
Download(CAJ format) Download(PDF format)
CAJViewer7.0 supports all the CNKI file formats; AdobeReader only supports the PDF format.
【Citations】
Chinese Journal Full-text Database 3 Hits
1 WANG Xue-xiang,PU Han-lai,YANG Jun (National ASIC System Engineering Technology Research Center,Southeast University,Nanjing,Jiangsu 210096,China);Performance Oriented Allocation Scheme for Scratch-Pad Memory[J];Acta Electronica Sinica;2007-08
2 WANG Xiang-gen1,2,SI Duan-feng2,FENG Deng-guo2,SU Pu-rui2 (1.Department of Electronic Engineering and Information Science,University of Science and Technology of China,Hefei,Anhui 230027,China;2.State Key Laboratory of Information Security,Institute of Software,Chinese Academy of Sciences,Beijing 100190,China);Exploring Multiple Execution Paths for Malware Analysis Based on Coverage of Codes[J];Acta Electronica Sinica;2009-04
3 Yan Jun1,Guo Tao2,Ruan Hui1,and Xuan Jifeng3 1(Institute of Software,Chinese Academy of Sciences,Beijing 100190)2(China Information Technology Security Evaluation Center,Beijing 100085)3(School of Mathematical Sciences,Dalian University of Technology,Dalian,Liaoning 116024);JUTA:An Automated Unit Testing Framework for Java[J];Journal of Computer Research and Development;2010-10
【Co-citations】
Chinese Journal Full-text Database 10 Hits
1 WANG Rui1,2,SU Pu-rui2,YANG Yi2,3,FENG Deng-guo1,2(1.State Key Laboratory of Information Security,Graduate University of Chinese Academy of Sciences,Beijing 100049,China;2.State Key Laboratory of Information Security,Institute of Software,Chinese Academy of Sciences,Beijing 100190,China;3.National Engineering Research Center for Information Security,Beijing 100190,China);An Anti-obfuscation Malware Variants Identification System[J];Acta Electronica Sinica;2011-10
2 ZHONG Jin-xin,WEI Geng-yu,AN Jing,YANG Yi-xian(Information Security Center,Beijing University of Posts and Telecommunications,Beijing 100876,P.R.China);A malware analysis method based on symbolic execution tree[J];Journal of Chongqing University;2012-02
3 LI Xiao-yong,MA Wei(Beijing Jiaotong University,Beijing 100044,China);Research on Real-Time Transitive Trust for Dynamic Codes[J];Acta Electronica Sinica;2012-10
4 HU Zhi-gang,SHI Jin-feng,JIANG Xiang-tao School of Information Science and Engineering,Central South University,Changsha 410083,China;Static allocation management strategy for SPM based on energy hotpot[J];Computer Engineering and Applications;2010-03
5 Liu Caixia, Shi Feng, Xue Licheng, and Song Hong(School of Computer Science and Technology, Beijing Institute of Technology, Beijing 100081);Hierarchical Shared Multi-channel Scratch Pad Memory Architecture for Embedded MPSoC[J];Journal of Computer-Aided Design & Computer Graphics;2010-08
6 Hong Xiang1 Jiang Jianhui2 Wu Ying2 Shuai Chunyan2 Yang Genxing31(Shanghai Shentong Rail Transit Research & Consultancy Co.,Ltd.,Shanghai 201103,China)2(Deparment of Computer Science and Technology,Tongji University,Shanghai 201804,China)3(Shanghai Development Center of Computer Software Technology,Shanghai 201112,China);SECURITY PLANNING FOR INFORMATION SYSTEMS IN RAIL-TRANSIT ENTERPRISES[J];Computer Applications and Software;2010-06
7 WU Shizhong,GUO Tao,DONG Guowei,WANG Jiajie(China Information Technology Security Evaluation Center, Beijing 100085,China);Software vulnerability analyses:A road map[J];Journal of Tsinghua University(Science and Technology);2012-10
8 HU Zhigang SHI Jinfeng JIANG Xiangtao(School of Information Science and Engineering,Central South University,Changsha 410083,China);A Static Allocation Strategy for SPM Based on Energy Hotpot[J];Microcomputer Applications;2009-01
9 JIANG Xiang-tao,HU Zhi-gang,HE Jian-biao(School of Information Science and Engineering,Central South University,Changsha 410083,China);WCET-Oriented Data Allocation Scheme for Scratchpad Memory[J];Journal of Chinese Computer Systems;2010-05
10 LIU Cai-xia1,SHI Feng1,XIE Xiao-yi2,XUE Jian-ping2,SONG Hong1 1(School of Computer Science and Technology,Beijing Institute of Technology,Beijing 100081,China) 2(Department of Computer Information Management,Inner Mongolia Finance and Economics College,Huhhot 010010,China);Design and Implementation of Sharable Multi-channel Scratchpad Memory for Embedded Multi-processors System[J];Journal of Chinese Computer Systems;2010-07
China Proceedings of conference Full-text Database 1 Hits
1 LI Xiang-dong~(1,3),LIU Xiao~2,XIA Bing~(1,3),ZHENG Qiu-sheng~(1,3) (1.School of Computer Science,Zhongyuan University of Technology,Zhengzhou Henan 450007,China; 2.Zhengzhou Key Lab of Computer Network Security Assessment,Zhengzhou Henan 450007,China; 3.Henan Province Public Securitv Bureau Network Securitv Corps,Zhenszhou Henan 450003,China );Malicious Codes Detection Techniques and Their Application in Protection of Classified Systems[A];[C];2012
【Secondary Citations】
Chinese Journal Full-text Database 1 Hits
1 ZHANG Jian(State Key Laboratory of Computer Science,Institute of Software,Chinese Academy of Sciences,Beijing 100190);Sharp Static Analysis of Programs[J];Chinese Journal of Computers;2008-09
©2006 Tsinghua Tongfang Knowledge Network Technology Co., Ltd.(Beijing)(TTKN) All rights reserved