Enhancing Java Security with History Based Access Control

  • Fabio Martinelli
  • Paolo Mori
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4677)


The Java language has become very popular in the last few years. Due to its portability, Java applications are adopted in distributed environments, where heterogeneous resources cooperate. In this context, security is a fundamental issue, because each resource could execute applications that have been developed by possibly unknown third parties.

This paper recalls several solutions for improving Java's native security support. In particular, it discusses an approach for history-based access control of Java applications. The paper also describes the application of this solution to two common use cases: grid computing and mobile devices (such as mobile phones or PDAs).


Policy Language; Security Policy; System Call; Security Manager; Java Virtual Machine
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.





Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Fabio Martinelli (1)
  • Paolo Mori (1)
  1. Istituto di Informatica e Telematica, Consiglio Nazionale delle Ricerche, via Moruzzi, 1 - 56124 Pisa, Italy
