DocumentCode
651635
Title
Using Bytecode Instrumentation to Secure Information Flow in Multithreaded Java Applications
Author
Sharaf, Mohamed ; Jie Huang ; Chin-Tser Huang
Author_Institution
Dept. of Comput. Sci. & Eng., Univ. of South Carolina, Columbia, SC, USA
fYear
2013
fDate
8-11 July 2013
Firstpage
362
Lastpage
367
Abstract
Information leakage is considered one of the vulnerabilities that may exist in careless development of software applications or unreliable and untrusted COTS binaries. Providing security at the level of programming development is important because leaking sensitive information such as credit card number, cookies, passwords or SSN does not require a lot of bandwidth to get through. In this paper, we propose a Secure Information Flow for Multithreaded Java (SIF-MJ) model, to enforce security and enhance assurance in all information flows throughout the execution time of the application without violating any rules or properties of multithreaded application. SIF-MJ does not require modification on the underlying Java Virtual Machine (JVM), therefore our proposed model is applicable to the currently existing JVMs.
Keywords
Java; multi-threading; security of data; virtual machines; COTS binaries; JVM; Java virtual machine; SIF-MJ model; bytecode instrumentation; commercial off-the-shelf binaries; information leakage; secure information flow for multithreaded Java model; software applications; Computational modeling; Instruction sets; Instruments; Java; Runtime; Security; Unified modeling language; explicit flow; implicit flow; information flow control (IFC); information leakage; multithreaded application;
fLanguage
English
Publisher
ieee
Conference_Titel
Distributed Computing Systems Workshops (ICDCSW), 2013 IEEE 33rd International Conference on
Conference_Location
Philadelphia, PA
Print_ISBN
978-1-4799-3247-4
Type
conf
DOI
10.1109/ICDCSW.2013.15
Filename
6679915
Link To Document