
A Formally Verified Calculus for Full Java Card [chapter]

Kurt Stenzel
2004 Lecture Notes in Computer Science  
The calculus is formally proved correct with respect to a natural semantics. It is implemented in the KIV system and used for smart card applications.  ...  Java Card Java Card [18] is a variation of Java that is tailored for smart cards. A smart card is a plastic card containing a small processor. Smart cards are used in  ...  This is achieved by loading the program in a secure environment and by setting suitable access rights.  ... 
doi:10.1007/978-3-540-27815-3_37 fatcat:nxq4unamavgatkbxz4ag5ez3pq

A formal framework for the Java bytecode language and verifier

Stephen N. Freund, John C. Mitchell
1999 Proceedings of the 14th ACM SIGPLAN conference on Object-oriented programming, systems, languages, and applications - OOPSLA '99  
This paper presents a sound type system for a large subset of the Java bytecode language including classes, interfaces, constructors, methods, exceptions, and bytecode subroutines.  ...  This work serves as the foundation for developing a formal specification of the bytecode language and the Java Virtual Machine's bytecode verifier.  ...  Dynamic loading makes global analysis difficult because a newly loaded class may invalidate program invariants that previously held.  ... 
doi:10.1145/320384.320397 dblp:conf/oopsla/FreundM99 fatcat:knlhtny5dvgsfkk7xyoqug4mke

A formal framework for the Java bytecode language and verifier

Stephen N. Freund, John C. Mitchell
1999 SIGPLAN notices  
This paper presents a sound type system for a large subset of the Java bytecode language including classes, interfaces, constructors, methods, exceptions, and bytecode subroutines.  ...  This work serves as the foundation for developing a formal specification of the bytecode language and the Java Virtual Machine's bytecode verifier.  ...  Dynamic loading makes global analysis difficult because a newly loaded class may invalidate program invariants that previously held.  ... 
doi:10.1145/320385.320397 fatcat:sxepsgytkre2jcwau2u7mdurcm

Towards a General Framework for Formal Reasoning about Java Bytecode Transformation

Razika Lounas, Mohamed Mezghiche, Jean-Louis Lanet
2013 Electronic Proceedings in Theoretical Computer Science  
The formal framework presented includes a definition of a formal semantics of updates which is the base of a static verification and a scheme based on Hoare triples and weakest precondition calculus to  ...  Because these transformations may introduce errors, our goal is to provide a formal way to verify the update and establish its correctness.  ...  We focus on Java bytecode and the system presented in [16] called embedDSU: a system to update dynamically Java Card applications.  ... 
doi:10.4204/eptcs.122.6 fatcat:n3hb7taroncllogfi35mpc5leu

A Low-Footprint Java-to-Native Compilation Scheme Using Formal Methods [chapter]

Alexandre Courbot, Mariela Pavlova, Gilles Grimaud, Jean-Jacques Vandewalle
2006 Lecture Notes in Computer Science  
This is made possible by completing the Java program with JML annotations, and using a theorem prover in order to formally prove that the compiled methods never throw runtime exceptions.  ...  Ahead-of-Time and Just-in-Time compilation are common ways to improve runtime performances of restrained systems like Java Card by turning critical Java methods into native code.  ...  Acknowledgments The authors would like to thank Jean-Louis Lanet for kindly providing us with the JML-annotated sources of the banking, scheduler and tcpip programs evaluated in this paper.  ... 
doi:10.1007/11733447_24 fatcat:xwgyjiskifckppytptysrwcsmm

Formalizing the safety of Java, the Java virtual machine, and Java card

Pieter H. Hartel, Luc Moreau
2001 ACM Computing Surveys  
This is a formidable task but we believe it is essential to build trust in Java safety, and thence to achieve ITSEC level 6 or Common Criteria level 7 certification for Java programs.  ...  The conclusion is that although a lot of good work has been done, a more concerted effort is needed to build a coherent set of machine-readable formal models of the whole of Java and its implementation  ...  ., SLATER, A., AND VOGT, H. 1998. cardTAP: The first theorem prover on a smart card. In 15th Automated Deduction (CADE), LNCS 1421 (Lindau, Germany, July), pp. 47-50. Springer-Verlag, Berlin.  ... 
doi:10.1145/503112.503115 fatcat:xg4uc2jgjbdhpaxism3f6cr42i

Java, Java, Java

C.L. Sabharwal
1998 IEEE potentials  
By definition, Java is a simple, object-oriented, distributed, interpreted, robust, secure, platform independent, portable, high-performance, multi-threaded and dynamic language.  ...  Information found on the intranet is protected, proprietary, private and security-sensitive for development activity and dynamically updated.  ... 
doi:10.1109/45.714612 fatcat:aramvrar7ncuvn7rwo4adfvaga

Secure Java class loading

Li Gong
1998 IEEE Internet Computing  
The class loading mechanism, central to Java, plays a key role in JDK 1.2 by enabling an improved security policy that is permission-based and extensible.  ...  SECURE JAVA CLASS LOADING LI GONG Sun Microsystems When Java technology burst onto the Internet scene in 1995, its developers declared the ambitious goal of providing a safe programming environment, especially  ...  SECURE CLASS LOADING Dynamic class loading is an important feature of the Java virtual machine because it enables the Java platform to install software components at runtime. 1 Class loading has several  ... 
doi:10.1109/4236.735987 fatcat:fhrxg4shivbjzaht2stjvooxoi

Confined types in Java

Jan Vitek, Boris Bokowski
2001 Software, Practice & Experience  
In particular, we introduce confined types to impose a static scoping discipline on dynamic references and anonymous methods to loosen confinement somewhat to allow code reuse.  ...  We have implemented a verifier which performs a modular analysis of Java programs and provides a static guarantee that confinement is respected. Static access control.  ...  ACKNOWLEDGEMENTS The authors wish to thank John Boyland, Doug Lea, James Noble, Jens Palsberg, Philip Wadler, the participants of the Intercontinental Workshop on Aliasing in Object Oriented Systems and  ... 
doi:10.1002/spe.369 fatcat:n46wwicerbgwfpbitjre5yxnbi

Formal Techniques for Java Programs [chapter]

Gary T. Leavens, Sophia Drossopoulou, Susan Eisenbach, Arnd Poetzsch-Heffter, Erik Poll
2002 Lecture Notes in Computer Science  
This report gives an overview of the third ECOOP Workshop on Formal Techniques for Java Programs. It explains the motivation for such a workshop and summarizes the presentations and discussions.  ...  This calculus, which is a variant of the π-calculus, formalizes dynamic composition and evolution in Java systems.  ...  and library packages automated checking and verification of program properties verification technology and logics -Java language semantics dynamic linking and loading, security Structure of Workshop and  ... 
doi:10.1007/3-540-47853-1_3 fatcat:rbitilj3dbfgxohlt3lenzkcze

A Formal Executable Semantics of the JavaCard Platform [chapter]

Gilles Barthe, Guillaume Dufay, Line Jakubiec, Bernard Serpette, Simão Melo de Sousa
2001 Lecture Notes in Computer Science  
We present a formal executable specification of two crucial JavaCard platform components, namely the Java Card Virtual Machine (JCVM) and the ByteCode Verifier (BCV).  ...  Moreover, we relate both components by giving a proof of correctness of the ByteCode Verifier. Both formalisations and proofs have been machine-checked using the proof assistant Coq.  ...  Simão Sousa is partially supported by a grant from the Portuguese Fundação para a Ciencia e a Technologia under grant SFRH/BD/790/2000.  ... 
doi:10.1007/3-540-45309-1_20 fatcat:yavcygfipfahfgcdzan2s5oud4

Java Bytecode Verification by Model Checking [chapter]

David Basin, Stefan Friedrich, Joachim Posegga, Harald Vogt
1999 Lecture Notes in Computer Science  
Verification plays a central role in the security of Java bytecode: the Java bytecode verifier performs a static analysis to ensure that bytecode loaded over a network has certain security related properties  ...  Moreover, when the formal specification is realized in a logic and verification is based on a theorem prover, extensions become possible such as integrating the verification of security properties with  ...  Motivation Verification plays a central role in the security of Java bytecode: the Java bytecode verifier performs a static analysis to ensure that bytecode loaded over a network has certain security related  ... 
doi:10.1007/3-540-48683-6_43 fatcat:4dh6pisfmnavvhobcr47hfp6ja

Enforcing Secure Object Initialization in Java [chapter]

Laurent Hubert, Thomas Jensen, Vincent Monfort, David Pichardie
2010 Lecture Notes in Computer Science  
We propose a modular type system to formally specify the initialization policy of libraries or programs and a type checker to statically check at load time that all loaded classes respect the policy.  ...  Sun and the CERT recommend for secure Java development to not allow partially initialized objects to be accessed.  ...  Section 3 overviews object initialization in Java and its impacts on security. Section 4 then informally presents our type system, which is then formally described in Section 5.  ... 
doi:10.1007/978-3-642-15497-3_7 fatcat:pg5eptxfgbbbred6e24ln3ptru

Enforcing Secure Object Initialization in Java [article]

Laurent Hubert, Vincent Monfort
2010 arXiv   pre-print
We propose a modular type system to formally specify the initialization policy of libraries or programs and a type checker to statically check at load time that all loaded classes respect the policy.  ...  Sun and the CERT recommend for secure Java development to not allow partially initialized objects to be accessed.  ...  Section 3 overviews object initialization in Java and its impacts on security. Section 4 then informally presents our type system, which is then formally described in Section 5.  ... 
arXiv:1007.3133v1 fatcat:bap5y43n5fa53dxqbeixzu6j6q

KeY: A Formal Method for Object-Oriented Systems [chapter]

Wolfgang Ahrendt, Bernhard Beckert, Reiner Hähnle, Peter H. Schmitt
2007 Lecture Notes in Computer Science  
The intention is to provide a platform that allows close collaboration of conventional and formal software development methods.  ...  It aims for integrating design, implementation, formal specification and formal verification as seamlessly as possible.  ...  In short, if you have a sequential Java program without dynamic class loading and floating point types, then it is (in principle) possible to verify it with KeY.  ... 
doi:10.1007/978-3-540-72952-5_2 fatcat:ulq2gvp7yjdkrf5zyjat3xqnwy