An extensible framework for analysis of Java language-based security conformance (2015–2018)

Abstract:
Java is a programming language and platform running on 3 billion devices. While Java provides a sandbox-based security architecture within the Java Class Library to protect systems from untrusted code downloaded from Internet, it cannot defend against implementation bugs that occur in the Java Class Library. The goal of this project is to provide a formal model of the Java security architecture, which can be used by program analyses to identify faulty or insufficient security checks in the Java Class Library that may lead to the sandbox being bypassed.
Grant type:
ARC Linkage Projects
Researchers:
  • Chair in CS&EE
    School of Information Technology and Electrical Engineering
    Faculty of Engineering, Architecture and Information Technology
  • Lecturer
    School of Information Technology and Electrical Engineering
    Faculty of Engineering, Architecture and Information Technology
Funded by:
Australian Research Council