针对Java小程序的基于规则的过滤

Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217) Pub Date : 1998-12-07 DOI:10.1109/CSAC.1998.738592

Pietro Iglio, F. Fraticelli, Luigi Giuri

{"title":"针对Java小程序的基于规则的过滤","authors":"Pietro Iglio, F. Fraticelli, Luigi Giuri","doi":"10.1109/CSAC.1998.738592","DOIUrl":null,"url":null,"abstract":"Java has been designed with a sophisticated security model that prevents applets downloaded from an untrusted network to attack the local system. However, malicious applets could exploit bugs in the virtual machine in order to gain access to system resources to perform unauthorized operations. The paper discusses the problem of intercepting such applets through a set of filtering rules that can be applied before a fixed version of the virtual machine is released. Moreover, we present an implementation of a filtering tool that can be used either as a firewall extension or as a virtual machine extension.","PeriodicalId":426526,"journal":{"name":"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)","volume":"41 1 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"1998-12-07","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Rule-based filtering for Java applets\",\"authors\":\"Pietro Iglio, F. Fraticelli, Luigi Giuri\",\"doi\":\"10.1109/CSAC.1998.738592\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Java has been designed with a sophisticated security model that prevents applets downloaded from an untrusted network to attack the local system. However, malicious applets could exploit bugs in the virtual machine in order to gain access to system resources to perform unauthorized operations. The paper discusses the problem of intercepting such applets through a set of filtering rules that can be applied before a fixed version of the virtual machine is released. Moreover, we present an implementation of a filtering tool that can be used either as a firewall extension or as a virtual machine extension.\",\"PeriodicalId\":426526,\"journal\":{\"name\":\"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)\",\"volume\":\"41 1 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"1998-12-07\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/CSAC.1998.738592\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/CSAC.1998.738592","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 1

摘要

Java设计了一个复杂的安全模型，可以防止从不受信任的网络下载的小程序攻击本地系统。然而，恶意的小程序可以利用虚拟机中的漏洞来获得对系统资源的访问权限，以执行未经授权的操作。本文讨论了通过一组过滤规则拦截此类小程序的问题，这些规则可以在虚拟机的固定版本发布之前应用。此外，我们还提供了一个过滤工具的实现，它既可以用作防火墙扩展，也可以用作虚拟机扩展。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Rule-based filtering for Java applets

Java has been designed with a sophisticated security model that prevents applets downloaded from an untrusted network to attack the local system. However, malicious applets could exploit bugs in the virtual machine in order to gain access to system resources to perform unauthorized operations. The paper discusses the problem of intercepting such applets through a set of filtering rules that can be applied before a fixed version of the virtual machine is released. Moreover, we present an implementation of a filtering tool that can be used either as a firewall extension or as a virtual machine extension.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

Proceedings 14th Annual Computer Security Applications Conference (Cat. No.98EX217)

自引率

0.00%

发文量