Secure Internet Programming
* History
* People
* Partners
* Research
* Publications
* FAQ
* Links
A Java Filter

Authors
Dirk Balfanz
Ed Felten

Abstract
Rogue Java applets are currently a major concern for big companies and private users alike. While the best protection against them is to turn off Java support of your WWW browser, this ``solution'' is unsatisfying since it deprives us of many of the advantages of the Java platform. Other systems such as firewalls or code signing have been proposed to ``enhance'' the security of the user. In this paper we show that they do not necessarily, and describe a simple, yet effective, way to prevent untrusted applets from entering the local system while allowing trusted applets to execute in whatever sandbox the browser provides for them. Our technique uses class loaders and can be extended to provide fine-grained access control for Java applets.

Published
Technical Report 567-97, Department of Computer Science, Princeton University, September 1997

Text
GZip'ed Postscript (142k)
PDF (Adobe Acrobat) (1273k)

See Also
Tech Report 567-97


Princeton University
Department of Computer Science
Contact: sip@cs.princeton.edu