Java is type safe — Probably

Drossopoulou, Sophia; Eisenbach, Susan

doi:10.1007/bfb0053388

Cited by 73 publications

(34 citation statements)

References 14 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…On the Java side, considerable effort has been expended in proving the soundness of the Java type system [11,22] and of the JVM bytecode verifier [26]. Other aspects of Java that are equally important for security, such as formalizing the visibility rules and the encapsulation guarantees they provide, have only recently started to receive attention [16].…”

Section: Security Of Appletsmentioning

confidence: 99%

Security Properties of Typed Applets

Rouaix

Leroy²

1999

Secure Internet Programming

View full text Add to dashboard Cite

This paper formalizes the folklore result that strongly-typed applets are more secure than untyped ones. We formulate and prove several security properties that all well-typed applets possess, and identify sufficient conditions for the applet execution environment to be safe, such as procedural encapsulation, type abstraction, and systematic type-based placement of run-time checks. These results are a first step towards formal techniques for developing and validating safe execution environments for applets.

show abstract

Section: Security Of Appletsmentioning

confidence: 99%

Security Properties of Typed Applets

Rouaix

Leroy²

1999

Secure Internet Programming

View full text Add to dashboard Cite

show abstract

“…There is therefore a growing interest in machine checkable proofs of soundness [1]. However, both the above approaches-proofs on paper (e.g., [15]) or machine checkable proofs (e.g., [33])-require significant manual effort.…”

Section: Glass Box Software Model Checking Of Soundness Of Type Systemsmentioning

confidence: 99%

Program Analysis Techniques for Efficient Software Model Checking

Boyapati¹,

Sakallah²

2011

View full text Add to dashboard Cite

The need to build next generation air force systems with highly complex functions, but at relatively low cost, will inevitably means a major investment in software. Without highly reliable software, any ambitious air force program cannot succeed. Indeed, software is the keystone (or perhaps the Achilles heel) of most large-scale automation projects; and the problem of making software reliable has become one of today's most important technological challenges.To address this problem and to improve software reliability, we designed novel program analysis techniques that significantly speed up software model checking, thereby enabling the checking of much larger programs and broader class of program properties than previously possible.In particular, we developed a software model checker for efficiently checking data oriented programs with respect to complex data dependent properties. We used our model checker for checking programs that use linked data structures such as lists, queues, trees, and maps. Verifying such programs has often been an obstacle to progress in the past and is a key underlying technical challenge in software verification. Because these programs have complex data dependent properties, the state space reduction techniques (such as predicate abstraction or partial order reduction) used by other model checkers are largely ineffective on such programs. Our model checker uses novel techniques to achieve orders of magnitude state space reduction.In addition, we also developed a novel trace driven approach to use counter example guided abstraction refinement (CEGAR) to check for concurrency errors in multithreaded programs.

show abstract

“…As the semantics for even subsets of Java, or simplified versions that disregard aspects of the language such as exception handling, are very large and complex it is easy for mistakes to creep into a paper and pencil proof. Indeed one of the few substantial pieces of work undertaken in the area without the aid of a proof tool, that of Drossopoulou and Eisenbach [14], was found to contain 'one major error and one noteworthy omission' when checked by Syme using his proof tool Declare [52].…”

Section: Mechanized Reasoningmentioning

confidence: 99%

“…In Java is type-safe probably [14], Drossopoulou and Eisenbach describe an operational semantics for a subset of Java that they call Javas. Javas includes primitive types, classes with inheritance, instance variables and instance methods, interfaces, shadowing of instance variables, dynamic method binding, statically resolvable overloading of methods, object creation, null pointers, arrays and a minimal treatment of exceptions.…”

Section: The Java Languagementioning

confidence: 99%

A Programming Logic for Java Bytecode Programs

Quigley

2003

Lecture Notes in Computer Science

View full text Add to dashboard Cite

Java is type safe — Probably

Cited by 73 publications

References 14 publications

Security Properties of Typed Applets

Security Properties of Typed Applets

Program Analysis Techniques for Efficient Software Model Checking

A Programming Logic for Java Bytecode Programs

Contact Info

Product

Resources

About