DocumentCode :
2359419
Title :
Java security extensions for a Java server in a hostile environment
Author :
Wheeler, David M. ; Conyers, Adam ; Luo, Jane ; Xiong, Alex
Author_Institution :
Intel Corp., Chandler, AZ, USA
fYear :
2001
fDate :
10-14 Dec. 2001
Firstpage :
64
Lastpage :
73
Abstract :
The Java (TM) Virtual Machine is being used more frequently as the basic engine behind dynamic Web services. With the proliferation of network attacks on these network resources, much work has been done to provide security for the network environment. Continuing work on firewalls, intrusion detection, and even access control have provided numerous insights and capabilities for protecting Web resources. Java itself has received much attention in the security arena, and the Java 2(TM) Architecture has provided considerable inroads to providing security services. However, this research has operated under the assumption that attacks only occur through the network and not with direct access to the Web server through a valid login. Little effort has been placed on securing a Java Web server where the attacker has a valid login to the host machine. This paper describes specific security extensions developed for a Java Virtual Machine that provide assurance of correct system operation and integrity even in the presence of successful attacks on the underlying operating system.
Keywords :
Internet; Java; certification; data integrity; security of data; Java Virtual Machine; Java security extensions; Java server; Web server; assurance; attacks; operating system; system integrity; Access control; Engines; Intrusion detection; Java; Network servers; Operating systems; Protection; Virtual machining; Web server; Web services;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Computer Security Applications Conference, 2001. ACSAC 2001. Proceedings 17th Annual
Print_ISBN :
0-7695-1405-7
Type :
conf
DOI :
10.1109/ACSAC.2001.991522
Filename :
991522
Link To Document :
بازگشت