Logo des Repositoriums
 

Anti-patterns in JDK security and refactorings

dc.contributor.authorSchönefeld, Marc
dc.contributor.editorFlegel, Ulrich
dc.contributor.editorMeier, Michael
dc.date.accessioned2019-10-16T08:50:49Z
dc.date.available2019-10-16T08:50:49Z
dc.date.issued2004
dc.description.abstractThis paper underlines the importance of security awareness whilst programming Java applications. Several problems in current JDK implementations are demonstrated that allow to undermine the security of Java applications. Coding errors and quality problems in current Java distributions create possibilities to create covert channels, cause resource blocking and denial-of-service attacks. To make things worse Java components are often deployed according to the AllPermissions antipattern with non-restrictive security settings, which allows bugs on the system layer to be exploited by attackers. Coping with this antipattern from the user side is connected with the definition of adequate permission sets. A tool that automates this time consuming task is presented as a refactoring for the AllPermission antipattern.en
dc.identifier.isbn3-88579-375-X
dc.identifier.pissn1617-5468
dc.identifier.urihttps://dl.gi.de/handle/20.500.12116/29200
dc.language.isoen
dc.publisherGesellschaft für Informatik e.V.
dc.relation.ispartofDetection of intrusions and malware & vulnerability assessment, GI SIG SIDAR workshop, DIMVA 2004
dc.relation.ispartofseriesLecture Notes in Informatics (LNI) - Proceedings, Volume P-46
dc.titleAnti-patterns in JDK security and refactoringsen
dc.typeText/Conference Paper
gi.citation.endPage186
gi.citation.publisherPlaceBonn
gi.citation.startPage175
gi.conference.dateJuly 6-7, 2004
gi.conference.locationDortmund
gi.conference.sessiontitleRegular Research Papers

Dateien

Originalbündel
1 - 1 von 1
Lade...
Vorschaubild
Name:
GI.Proceedings.46-12.pdf
Größe:
64.9 KB
Format:
Adobe Portable Document Format