JVMTI-based implementation of security policies enforcement on java platform

Abstract

Protecting host computer against potential malicious mobile code is one of important question of mobile code security. Model Carrying Code consider producer and consumer all together, gives theoretical framework center around behavioral model of program, which can guarantee safe execution of untrusted code. However, it faces several difficulties when applied to the most ubiquitous mobile code platform - Java, in the enforcement phase to monitor program behavior of a thread in the Java virtual machine(JVM) instead of a process on the operating system. To address this problem, this paper aims at java platform and java mobile code used broadly, provides the approach of implement MCC on java platform, gives alternative effective approach of enforcement of security policies, moreover, implement enforcement of security policies with JVMTI on Java Platform.