最新java外文文献.docx
![资源得分’ title=](/images/score_1.gif)
![资源得分’ title=](/images/score_1.gif)
![资源得分’ title=](/images/score_1.gif)
![资源得分’ title=](/images/score_1.gif)
![资源得分’ title=](/images/score_05.gif)
《最新java外文文献.docx》由会员分享,可在线阅读,更多相关《最新java外文文献.docx(14页珍藏版)》请在淘文阁 - 分享文档赚钱的网站上搜索。
1、精品资料java外文文献.Computer Communications 23 (2000) 15941605On object initialization in the Java bytecodeqS. Doyon*, M. DebbabiLSFM Research Group, Department of Computer Science, Laval University, Sainte Foy, Que., Canada G1K 7P4AbstractJava is an ideal platform for implementing mobile code systems, not
2、 only because of its portability but also because it is designed with security in mind. Untrusted Java programs can be statically analyzed and validated. The programs behavior is then monitored to prevent potentially malicious operations. Static analysis of untrusted classes is carried out by a comp
3、onent of the Java virtual machine called the verier. The most complex part of the verication process is the dataow analysis, which is performed on each method in order to ensure type-safety. This paper claries in detail one of the tricky aspects of the dataow analysis: the verication of object initi
4、alization. We present and explain the rules that need to be enforced and we then show how verier implementations can enforce them. Rules for object creation require, among other things, that uninitialized objects never be used before they are initialized. Constructors must properly initialize their
5、this argument before they are allowed to return. This paper also deals with initialization failures (indicated by exceptions): the object being initialized must be discarded, and constructors must propagate initialization failures. q 2000 Elsevier Science B.V. All rights reserved.Keywords: Java byte
6、code; Object initialization; Dataow analysis; static analysis; java security1. IntroductionThe Java architecture is particularly well-suited for implementing mobile code systems. A mobile code archi-tecture allows a computer to fetch a program (or parts of a program) from a network source and execut
7、e it locally. However, security is a critical aspect of mobile code archi-tectures. The very essence of mobile code is to execute a program that originates from a remote source. This is inher-ently dangerous because it is not known what actions that program will take. By executing the mobile code, w
8、e are allowing it to perform operations on our machine and we are giving it access to our local resources.Java is especially well-suited for implementing mobile code systems for three reasons: Java source is compiled into a platform-independent intermediate form called Java bytecode. Java byte-code
9、is then interpreted by the JVM (Java virtual machine). This makes Java bytecode completely portable, which means a piece of Java code in compiled form should run on any receiving machine.q The research reported in this paper has been supported by the National Science and Engineering Research Council
10、 (NSERC), the Fonds pour la formation de chercheurs et laide a la recherche (FCAR), and the Defense Research Establishment Valcartier (DREV), Department of National Defense.* Corresponding author. Tel.: _1-41-8656-7035; fax: _1-41-8656-2324.E-mail address: doyonift.ulaval.ca (S. Doyon). It is dynami
11、cally linked: the JVM will load classes from different network sources as they are needed and will link them into the program while it runs. The Java architecture is built with security in mind: its design makes it possible to enforce sufcient security to make mobile code safe and practical.Currentl
12、y, the most popular manifestation of Java mobile code is applets. A JVM (bytecode interpreter) is incor-porated in web browsers. Web pages can then include links that point to the compiled (bytecode) form of programs which are called applets. The applet can then be loaded by the browser and executed
13、 locally with no special effort on the users part.The verier is a key component of the Java security archi-tecture. Its role is to examine compiled classes as they are loaded into the JVM in order to ensure that they are well-formed and valid. It checks that the code respects the syntax of the bytec
14、ode language and that it respects the language rules. Another component of the Java security architecture, called the security manager, monitors access to system resources and services. The security manager is a security layer, which goes on top of the verier and relies on its effectiveness.The most
15、 complex step of the verication process performed by the verier requires running a dataow analy-sis on the body of each method. There are a few particularly tricky issues regarding the dataow analysis. In this paper, we focus on the issues relating to the initialization of0140-3664/00/$ - see front
16、matter q 2000 Elsevier Science B.V. All rights reserved.PII: S 0 1 4 0 - 3 6 6 4 ( 0 0 ) 0 0 2 4 5 - 0S. Doyon, M. Debbabi / Computer Communications 23 (2000) 159416051595new objects: Issues relating to object creation: A new object is createdin two steps: space is allocated for the new object, and
17、then it is initialized. When performing the dataow analysis, the verier must ensure that certain rules are respected: the constructor used to initialize an object must be appropriate, an object must not be used before it is initialized, an object must not be initialized more than once and initializa
18、tion failures (indicated by exceptions) must be handled properly. Issues relating to constructors: The constructor is respon-sible for initializing a new object. The rst part of the constructors work performs initialization from a typing point of view, which implies directly or indirectly calling a
19、constructor from the superclass. The rest of the constructor performs application-specic initialization. The verier must ensure that a constructor properly initi-alizes the current object before it returns, that it does not use the current object in any way before calling the super-class constructor
20、 and that it propagates any initialization failure occurring in the superclass constructor.The Ofcial documentation on the verier, provided in (Ref. 1, Sections 4.8 and 4.9) and in Ref. 2, is relatively sparse; the portions discussing object initialization are very brief, vague, and leave out some i
21、mportant issues. Indepen-dent work presented in Ref. 3 has claried many aspects. Freund and Mitchell have extended the formalization of a subset of the Java bytecode language introduced in Ref. 4. They used a type system to describe the veriers handling of object initialization. Our paper reviews an
22、d explains the rules related to object initialization and discusses how a verier implementation can enforce them. We also touch on a few issues not discussed in Ref. 3. Exceptions thrown during object initialization indicate initialization failures and must be handled properly, both inside and outsi
23、de of a constructor. We also provide a comprehensive, intuitive explanation of how the rules for object creation can be enforced with minimal effort.We assume that the reader has some knowledge of the Java bytecode language, as well as a basic understanding either of dataow analysis in general or of
24、 the particular analysis technique used by the Java bytecode verier. The unfamiliar reader may consult the following references for more complete information: for the Java language the reader may refer to the ofcial specication of the language 5. The best way to learn Java or to nd a more understand
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- 最新 java 外文 文献
![提示](https://www.taowenge.com/images/bang_tan.gif)
限制150内