Restraining Execution Environments


Restraining Execution Environments Segurança em Sistemas Informáticos André Gonçalves

Contents: Overview; Java Virtual Machine: Overview, The Basic Parts, Security, Sandbox Mechanisms, Sandbox Memory, Native Methods, Structured Error Handling, Conclusion; CHROOT: Overview, Uses, Limitations, Conclusion; Final Conclusion

Overview Restraining execution environments protect the system from the programs that run inside them: they deny a program access to files or other resources, or emulate those resources instead. There are different kinds of restraining environment, each built for a different purpose.

JVM - Overview Java Virtual Machines execute Java bytecode. Bytecode is usually produced from Java source, but it can be produced from other languages as well. JVM implementations exist for many hardware platforms and operating systems. The JVM runtime loads classes from .class or .jar files and executes the JVM instruction set by interpreting it, by compiling it on the fly with a just-in-time compiler (JIT), or by compiling it ahead of time. The architecture is stack-based. The JVM is the core component of the Java Runtime Environment (JRE), which bundles it with the standard class library.

JVM Overview (2)

JVM - The Basic Parts: a set of registers, a stack, an execution environment, a garbage-collected heap, a constant pool, a method storage area, and an instruction set.

JVM - Security The JVM is an appropriate technology for network environments, especially where code is downloaded across the network and executed locally. It provides a customizable sandbox: inside the sandbox the code may do whatever the sandbox permits, and outside it the code can do nothing. By making it impossible for downloaded code to perform certain actions, Java's security model protects the user from hostile code. (Note that the sandbox for untrusted code relied on the Security Manager, which was deprecated for removal in Java 17 (JEP 411) and permanently disabled in JDK 24 (JEP 486); current JVMs no longer offer it, and untrusted code has to be confined at the operating-system level instead.)

JVM - Sandbox Mechanisms Safety mechanisms built into the sandbox: type-safe reference casting; structured memory access (no pointer arithmetic); automatic garbage collection (a program cannot explicitly free allocated memory, so there are no use-after-free or double-free bugs); array bounds checking; checking references for null. These rules are enforced by the bytecode verifier when a class is loaded and by checks the JVM performs at run time.

JVM - Sandbox Memory A program that corrupts memory, crashes, and possibly causes other programs to crash is one kind of security breach. Unrestrained memory access would be a security risk because an attacker could use it to subvert the security system, for instance by overwriting the data that the security checks rely on. A further safety feature is that the layout of the runtime data areas inside the Java virtual machine is unspecified, so an attacker cannot rely on knowing where a given area will be.
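The following C program is an added example, not part of the original slides, showing the kind of memory-safety failure that the sandbox mechanisms above rule out. Without bounds checking, a copy that runs past the end of an array lands in whatever sits next in memory; here that is a privilege flag placed right after the buffer, which is exactly the "subvert the security system" scenario. The checked variant refuses the oversized write the way the JVM does (the JVM throws ArrayIndexOutOfBoundsException instead of returning false). The struct layout (an 8-byte buffer followed by an int) and the names are assumptions made for the demonstration.

```c
/* Added example (not from the original slides): why array bounds checking
 * and the absence of pointer arithmetic matter.  The struct layout (an
 * 8-byte name buffer followed by an int flag) is an assumption for the demo;
 * it holds on the usual ABIs, where the int sits at offset 8 with no padding. */
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_LEN 8

struct session {
    char name[NAME_LEN];  /* attacker-controlled input is copied here      */
    int  is_admin;        /* the "security system" the overflow subverts   */
};

/* Unrestrained memory access: copies len bytes with no bounds check.
 * When len > NAME_LEN the tail of the copy overwrites is_admin. */
static void copy_name_unchecked(struct session *s, const char *src, size_t len)
{
    memcpy(s->name, src, len);
}

/* Bounds-checked write, mimicking what the JVM enforces on every array store. */
static bool copy_name_checked(struct session *s, const char *src, size_t len)
{
    if (len > sizeof s->name)
        return false;         /* the JVM would throw here instead */
    memcpy(s->name, src, len);
    return true;
}

/* Read the flag through a volatile pointer so the compiler must reload it
 * after the copy rather than assume the out-of-bounds write never reached it. */
static int read_flag(const struct session *s)
{
    return *(const volatile int *)&s->is_admin;
}

/* Value of is_admin after an oversized copy through the unchecked path:
 * 1 means the overflow clobbered the flag. */
int admin_after_unchecked_overflow(void)
{
    struct session s = { "guest", 0 };
    /* Constructed input: NAME_LEN filler bytes followed by the native
     * representation of the int 1, which lands on is_admin. */
    unsigned char payload[NAME_LEN + sizeof(int)];
    int one = 1;
    memset(payload, 'A', NAME_LEN);
    memcpy(payload + NAME_LEN, &one, sizeof one);
    copy_name_unchecked(&s, (const char *)payload, sizeof payload);
    return read_flag(&s);
}

/* Same oversized input through the checked path: the copy is refused and the
 * flag stays 0.  Returns -1 if the copy was wrongly accepted. */
int admin_after_checked_overflow(void)
{
    struct session s = { "guest", 0 };
    unsigned char payload[NAME_LEN + sizeof(int)];
    memset(payload, 'A', sizeof payload);
    bool accepted = copy_name_checked(&s, (const char *)payload, sizeof payload);
    return accepted ? -1 : read_flag(&s);
}

int main(void)
{
    printf("unchecked copy: is_admin=%d\n", admin_after_unchecked_overflow());
    printf("checked copy:   is_admin=%d\n", admin_after_checked_overflow());
    return 0;
}
```

The unchecked path is the same bug class behind classic buffer-overflow exploits; the JVM removes it not by checking at every call site but by making every array access carry the check, which is why Java code has no equivalent of `copy_name_unchecked` to get wrong.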

JVM - Native Methods Native methods can be used to implement functionality that the Java API does not provide. Allowing native methods to execute is a security issue, because native code runs outside the sandbox with the full privileges of the process. The security manager includes a method (checkLink) that decides whether a program may load dynamic libraries, which are needed to invoke native methods. The security model for native methods is therefore the traditional approach to computer security: you have to trust a native method before you call it.

JVM - Structured Error Handling Structured error handling with exceptions also contributes to security. When a violation occurs, instead of crashing, the JVM throws an exception or an error. This almost always results in the death of the thread in which it occurred, but it should not bring down the whole JVM: if the program has other threads doing useful work, those threads can carry on without their recently departed colleague. Exceptions also encourage programmers to write code that actually handles the error conditions that may reasonably arise while their programs run.

JVM - Conclusion The sandbox security model is an intrinsic part of Java's architecture. The sandbox, a shell that surrounds a running Java program, protects the host system from malicious code. This security model helps give users confidence in downloading untrusted code across the network.

CHROOT - Overview Available on UNIX-like operating systems. Changes the apparent root directory of a process (and of the processes it starts) to a directory known as a chroot jail. Used to confine untrusted programs. A chroot jail presents a dramatically restricted view of the filesystem to an application, and usually far fewer system privileges.

CHROOT - Uses Testing and development. Dependency control. Compatibility. Recovery. Privilege separation. Honeypotting.

CHROOT - Limitations A process running as the superuser inside the jail can always escape: chroot does not stop it calling chroot() again and does not close the directory references it already holds, so root can chroot into a subdirectory and walk back up to the real root with repeated chdir(".."). (Typing "exit" in a shell started with chroot(8) does not escape anything; it simply returns to the parent shell, which was never confined.) At startup, programs expect to find certain files (shared libraries, configuration, device nodes) which must be present inside the chroot jail for the program to start successfully. Only the root user can perform a chroot (on Linux, the CAP_SYS_CHROOT capability). The chroot mechanism is not intended to defend against intentional tampering by privileged (root) users, so a jailed service should drop root immediately after entering the jail. Nor is chroot in itself intended to restrict the use of resources like I/O, bandwidth, disk space or CPU time, and it does not isolate the process from the network, from other processes, or from device nodes placed inside the jail.
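The following C program is an added example, not part of the original slides, showing the correct sequence for putting a service into a chroot jail and, beside it, the classic break-out that a process which is still root inside the jail can perform. Entering the jail requires root (CAP_SYS_CHROOT on Linux) and an existing jail directory; the jail path /var/jail and the unprivileged uid/gid 65534 are assumptions for the demonstration, as are the function names.

```c
/* Added example (not from the original slides): entering a chroot jail the
 * right way, and why that is not enough against a process that stays root.
 * Needs root (CAP_SYS_CHROOT) and an existing jail directory.  The jail path
 * and the unprivileged uid/gid are assumptions for the demo.  Linux/POSIX. */
#define _GNU_SOURCE
#include <errno.h>
#include <grp.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

enum jail_result {
    JAIL_OK = 0,
    JAIL_ERR_NOT_ROOT,    /* chroot(2) needs CAP_SYS_CHROOT */
    JAIL_ERR_CHDIR,
    JAIL_ERR_CHROOT,
    JAIL_ERR_DROP_PRIVS   /* could not become, and stay, the unprivileged user */
};

/* Correct order: chdir into the jail, chroot, chdir("/"), then give up root
 * for good.  Dropping privileges before chroot would make chroot fail;
 * keeping them leaves the process able to escape (see escape_jail). */
enum jail_result enter_jail(const char *jail, uid_t uid, gid_t gid)
{
    if (geteuid() != 0)
        return JAIL_ERR_NOT_ROOT;
    if (chdir(jail) != 0)
        return JAIL_ERR_CHDIR;
    if (chroot(jail) != 0)
        return JAIL_ERR_CHROOT;
    if (chdir("/") != 0)           /* cwd must lie inside the new root */
        return JAIL_ERR_CHDIR;
    /* Supplementary groups first, then gid, then uid: once uid is no longer
     * 0 the group calls would be refused. */
    if (setgroups(0, NULL) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return JAIL_ERR_DROP_PRIVS;
    /* Verify the drop stuck: if root can be regained, the jail is worthless. */
    if (setuid(0) == 0 || geteuid() != uid)
        return JAIL_ERR_DROP_PRIVS;
    return JAIL_OK;
}

/* The classic break-out, possible only while still root inside the jail.
 * chroot() does not change the working directory, so after chroot("breakout")
 * the cwd is outside the new root and chdir("..") walks up past it until it
 * reaches the real filesystem root.  Returns 0 on success, -1 on failure. */
int escape_jail(void)
{
    if (geteuid() != 0)
        return -1;                 /* unprivileged: chroot() is refused */
    if (mkdir("breakout", 0700) != 0 && errno != EEXIST)
        return -1;
    if (chroot("breakout") != 0)   /* cwd is now above the (new) root */
        return -1;
    for (int i = 0; i < 64; i++)   /* more levels than any sane jail depth */
        if (chdir("..") != 0)
            return -1;
    return chroot(".");            /* "/" is the real root again */
}

int main(int argc, char **argv)
{
    const char *jail = argc > 1 ? argv[1] : "/var/jail";   /* assumed path */
    enum jail_result r = enter_jail(jail, 65534, 65534);   /* nobody/nogroup */
    if (r != JAIL_OK) {
        fprintf(stderr, "enter_jail failed (%d): %s\n", (int)r, strerror(errno));
        return 1;
    }
    /* Root is gone, so the break-out must now fail (prints -1). */
    printf("escape_jail after dropping privileges: %d\n", escape_jail());
    return 0;
}
```

Run it as root with the jail directory as the only argument; on a correctly set up jail it reports that the escape failed, because the privilege drop happened before any untrusted code could run. Remove the setuid/setgid lines and the same program escapes, which is the limitation the slide describes: chroot confines the filesystem view, not a root process.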

CHROOT - Conclusion Chroot is intended to prevent access to files outside the jail. It is available on Linux and the other UNIX-like systems. It does not prevent access to other system resources.

Final Conclusion The JVM and chroot are suitable for distinct situations. The JVM sandbox restricts what the code itself can do: memory and type safety are enforced on every instruction, and privileged operations such as file, network and native-library access go through the security manager. Chroot restricts only which part of the filesystem a process can see, and leaves everything else to the operating system's normal access controls.

Bibliography
http://en.wikipedia.org/wiki/java_virtual_machine
http://en.wikipedia.org/wiki/sandbox_%28security%29
http://www.javaworld.com/javaworld/jw-08-1997/jw-08-hood.html?page=1
http://en.wikipedia.org/wiki/chroot
http://www.bpfh.net/simes/computing/chroot-break.html
http://unixwiz.net/techtips/chroot-practices.html
Bill Venners, Inside the Java Virtual Machine, McGraw-Hill, ISBN 0-07-913248-0

Questions