Java Security Nathan Moore CS 665. Overview Survey of Java Inherent Security Properties Java Runtime Environment Java Virtual Machine Java Security Model.

Slides:



Advertisements
Similar presentations
Towards Remote Policy Enforcement for Runtime Protection of Mobile Code Using Trusted Computing Xinwen Zhang Francesco Parisi-Presicce Ravi Sandhu
Advertisements

© 2003 School of Computing, University of Leeds SY32 Secure Computing, Lecture 16 Secure Coding in Java and.NET Part 1: Fundamentals.
Enabling Secure Internet Access with ISA Server
Introduction To Java Objectives For Today â Introduction To Java â The Java Platform & The (JVM) Java Virtual Machine â Core Java (API) Application Programming.
Java Applet Security Diana Dong CS 265 Spring 2004.
Java security (in a nutshell)
Applet Security Gunjan Vohra. What is Applet Security? One of the most important features of Java is its security model. It allows untrusted code, such.
COEN 351: E-Commerce Security
Java Security CS-328. JDK 1.0 Security Model Sandbox Java Virtual Machine Local Code Remote Code Local Host System Resources (File System, Sockets, Printers…)
Dan Sedlacek CTO, Systems Management Group Sterling Software Java Security and Encryption.
Java Security. Overview Hermetically Sealed vs. Networked Executable Content (Web Pages & ) Java Security on the Browser Java Security in the Enterprise.
Mobile Code Security Aviel D. Rubin, Daniel E. Geer, Jr. MOBILE CODE SECURITY, IEEE Internet Computing, 1998 Minkyu Lee
Lab Information Security Using Java (Review) Lab#0 Omaima Al-Matrafi.
Lab#1 (14/3/1431h) Introduction To java programming cs425
Java Security Model Lab#1 I. Omaima Al-Matrafi. Safety features built into the JVM Type-safe reference casting Structured memory access (no pointer arithmetic)
LAB#2 JAVA SECURITY OVERVIEW Prepared by: I.Raniah Alghamdi.
Object Orientated Programming
1 Extensible Security Architectures for Java Authors: Dan S.Wallch, Dirk Balfanz Presented by Moonjoo Kim.
Edward Tsai – CS 239 – Spring 2003 Strong Security for Active Networks CS 239 – Network Security Edward Tsai Tuesday, May 13, 2003.
Prepared By E.Musa Alyaman1 Chapter 2 The Java Overview.
Java for High Performance Computing Jordi Garcia Almiñana 14 de Octubre de 1998 de la era post-internet.
Session-02. Objective In this session you will learn : What is Class Loader ? What is Byte Code Verifier? JIT & JAVA API Features of Java Java Environment.
Page 1 Sandboxing & Signed Software Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.
Java Security Updated May Topics Intro to the Java Sandbox Language Level Security Run Time Security Evolution of Security Sandbox Models The Security.
JAVA v.s. C++ Programming Language Comparison By LI LU SAMMY CHU By LI LU SAMMY CHU.
Introduction to Java CSIS 3701: Advanced Object Oriented Programming.
Java Security. Topics Intro to the Java Sandbox Language Level Security Run Time Security Evolution of Security Sandbox Models The Security Manager.
CSCI 224 Introduction to Java Programming. Course Objectives  Learn the Java programming language: Syntax, Idioms Patterns, Styles  Become comfortable.
Introduction to Java Kumar Harshit. Objectives ( 목적지 ) At the end of the lesson, the student should be able to: ● Describe the features of Java technology.
Security in Java Sunesh Kumra S
Java Virtual Machine Java Virtual Machine A Java Virtual Machine (JVM) is a set of computer software programs and data structures that use.
Java Introduction Lecture 1. Java Powerful, object-oriented language Free SDK and many resources at
Why Java? A brief introduction to Java and its features Prepared by Mithat Konar.
Introduction to Java CSIS 3701: Advanced Object Oriented Programming.
1 22 August 2001 The Security Architecture of the M&M Mobile Agent Framework P. Marques, N. Santos, L. Silva, J. Silva CISUC, University of Coimbra, Portugal.
Java Security Pingping Ma Nov 2 nd, Overview Platform Security Cryptography Authentication and Access Control Public Key Infrastructure (PKI)
1 Comp 104: Operating Systems Concepts Java Development and Run-Time Store Organisation.
University of Houston-Clear Lake Proprietary© 1997 Evolution of Programming Languages Basic cycle of improvement –Experience software difficulties –Theory.
Basic Security: Java vs.NET Master Seminar Advanced Software Engineering Topics Prof. Jacques Pasquier-Rocha Software Engineering Group Department of Informatics.
Lecture :2 1.  DEFENTION : Java is a programming language expressly designed for use in the distributed environment of the Internet. It was designed.
Java 2 security model Valentina Casola. Components of Java the development environment –development lifecycle –Java language features –class files and.
CPRG 215 Introduction to Object-Oriented Programming with Java Module 1-Introduction to Java Topic 1.1 Basics of Java Produced by Harvey Peters, 2008 Copyright.
Java Security Model For Mobile Code Abdo Achkar. Mobile Code A mobile object is a “self contained piece” of executable code. Definition:  Code that can.
Computer Programming 2 Why do we study Java….. Java is Simple It has none of the following: operator overloading, header files, pre- processor, pointer.
CT1513 Introduction To java © A.AlOsaimi.
J ava P rogramming: From Problem Analysis to Program Design, From Problem Analysis to Program Design, Second Edition Second Edition D.S. Malik D.S. Malik.
Jaas Introduction. Outline l General overview of Java security Java 2 security model How is security maintained by Java and JVM? How can a programmer.
1. An Introduction A Programming Language A Technology Java Development Kit Java API One Language: Three Editions Standard Edition Enterprise Edition.
Java: An Overview John R Durrett Texas Tech University.
Java Security Session 19. Java Security / 2 of 23 Objectives Discuss Java cryptography Explain the Java Security Model Discuss each of the components.
Wireless and Mobile Security
Introduction Program File Authorization Security Theorem Active Code Authorization Authorization Logic Implementation considerations Conclusion.
Java – in context Main Features From Sun Microsystems ‘White Paper’
Lesson 1 1 LESSON 1 l Background information l Introduction to Java Introduction and a Taste of Java.
Introduction to Programming 1 1 2Introduction to Java.
Java & The Android Stack: A Security Analysis Pragati Ogal Rai Mobile Technology Evangelist PayPal, eBay Java.
Sung-Dong Kim, Dept. of Computer Engineering, Hansung University Java - Introduction.
Object Oriented Programming in
Done By: Ashlee Lizarraga Ricky Usher Jacinto Roches Eli Gomez
Lecture 1: Introduction to JAVA
Java Primer 1: Types, Classes and Operators
Java security (in a nutshell)
Introduction Enosis Learning.
Topic: Java Security Models
Introduction Enosis Learning.
Security in Java Real or Decaf? cs205: engineering software
From C++ to Java Java history: Oak, toaster-ovens, internet language, panacea What it is O-O language, not a hybrid (cf. C++) compiled to byte-code, executed.
F II 1. Background Objectives
COSC Assignment 3 - Part 1 Java Security Susan Kovacs 19 April 2019 COSC Assignment 3 - Part 1.
Presentation transcript:

Java Security Nathan Moore CS 665

Overview Survey of Java Inherent Security Properties Java Runtime Environment Java Virtual Machine Java Security Model and Java Security Architecture Java 6 SE Security Extensions Known Vulnerabilities of Java Future of Java Security

Inherent Java Security (1) Every entity has an associated Access Level: Public, Protected, Default/Package, Private Provides encapsulation A strongly typed language: Restrictions on how data types can be mixed No direct memory access No notion of pointers Entities are accessed via references (by name) Variables must be initialized before they are used

Inherent Java Security (2) Objects can’t be arbitrarily cast into other objects (ensures a type safe environment): Strict use of extends, implements (inheritance) Compile time type checking of casting Programmers stringently declare the types of all storage locations and return values

Inherent Java Security (3) Common exceptions can easily be caught/thrown during run time NullPointer, ArrayIndexOutOfBounds, etc. Provides automatic memory management, garbage collection, and array range- checking Compiler and virtual machines perform compile time and run time checks (respectively)

The Java Runtime Environment (JRE) Consists of the Java Virtual Machine (JVM) and Class Libraries JVM: available for most platforms, provides the environment for java bytecode to execute Class Libraries: The Core Java API, contains classes for language support and added functionality

Java Virtual Machine (JVM) Platform Independence: “Write once, run anywhere!” Is an abstract virtual machine Diff. implementations: Sun, IBM, Oracle, MS Each thread has its own stack Typical instruction set: Load/Store, Arithmetic, etc. Interprets bytecode generated by Java compilers

Why Java Needs Security Source Code Compiler Web Browser Byte Code Web Server JVM Internet Local System Resources External Control over System Resources

Java Sandbox Model gives untrusted code a place to “play”

Java 2 Security Model All local or remote code passes through a Security Policy to determine what resources it has access to Configurable Security Policies provides fine- grained access control May or may not be provided, default security settings exist for untrusted code

Java 2 Security Model (2)

Stage 1: Accessing the Classes Need to get the local and remote classes required for program execution By default: only built in (Core API) code is trusted Local, Remote (Applet) code is untrusted Byte Code Verifier: performs checks on untrusted code file format, object references, method calls, parameter and return value validity, pointer forgery, stack overflows, array indices, etc.

Stage 2: Loading Classes Class Loader: uses dynamic linking to load classes at runtime Loads from different locations (file system/classpath, applet class) Prevents class spoofing (has been bypassed) Manages Java’s namespace definitions (naming scope) cs665.String vs. Java.lang.String Consults the Security Manager to see is program has permission to access a class

Stage 3: Program Execution Security Manager: Core component for implementing a custom Policy queried by the JVM each time untrusted code attempts to access a system resource Uses Access Controller to see if queries are permitted, throws a generic Security Exception otherwise

Stage 3: Policy Class (Dev) Manages class permissions to system resources Protection Domains: can associate one or more classes with a set of permissions Policy assigns each class to a Protection Domain

Stage 3: AccessController Class Invoked by the Security Manager Makes a decision based on: class domain in the Security Policy, and a stack inspection Stack inspection: a check on a sequence of class calls for resources and their resulting approval or denial

Default Security Protection Only built in, Core API code is trusted Applets are restricted from: Local file system access Creating network connections Creating security components (e.g.. Class Loader) Accessing user information Applications: No default security restrictions Implementing a Security Manager is optional

Java Cryptography Architecture (JCA) Part of Java SE 6, supports use of third party packages and is itself a “provider” Provides many different security services: digital signatures message digests: SHA-1 certificates and certificate validation: X.509 symmetric/asymmetric block/stream ciphers encryption: DSA, RSA key generation and management secure random number generation

JCA Ex: A Public Key and Signature (packaged as a Certificate) can be used to verify code integrity and validity of source

Java Authentication and Authorization Service (JAAS) Java Authentication and Authorization Service Can be used for two purposes: authentication of users authorization of users Provides access controls based on who the user is and that users associated permissions Upon user authentication, JAAS coordinates with the Security Manager and Access Controller

Custom Security Models Components of the Security Architecture (except for Verifier) are customizable Users: can specify own local security policy Policy Tool: GUI used to customize JRE Policy Developers: can customize everything else (Security Manager, Policy, AccessController, etc.) can use JCA and JAAS Users are responsible for their own protection

Security Weaknesses Fine-grained control with a price: complexity Relies on user to secure their own environment via a complex Policy Tool JVM Implementations: each have their own unique vulnerabilities Reverse engineering of class files to source code (obfuscation is not the answer) Many severe flaws have been addressed over the evolution of Java and the JVM

Famous Exploits (fixed) Jumping the Firewall: the only network connection an Applet can make is to its server of origin Steve Gibbons bypassed this security measure in 1996 using a DNS security flaw Slash and Burn: exploited the Dots and Slashes rule, which is used to search for local class files Malicous applets were able to execute

The Future of Java Security Java SE 6 is fully open source under GPL license Common misconceptions: o pen source = open code (i.e. insecure) Reality: open sourcing Java allows all aspects to be scrutinized by thousands of people Community Impact: existing security flaws will be publicized and addressed swiftly Many services are already provided, the next step is making them easier to use (hopefully!)