[talks] Security Lunch / PLC Seminar Monday Nov 19: Gang Tan

Andrew W. Appel appel at CS.Princeton.EDU
Mon Nov 12 15:11:44 EST 2007

One week from today, on Monday Nov 19th, Prof. Gang Tan of Boston 
College (PhD Princeton 2005) will give a talk at noon on how to find 
security holes in JVMs -- in particular, in the interaction between 
native (C) methods and Java code -- AND how to prove the absence of holes.

Location:  Small Auditorium
Monday, Nov 19th.
Time:  12 noon.   LUNCH PROVIDED (for the first 20 people...)

Speaker:   Gang Tan, Boston College
Title: Security Analysis of the Native Code in the JDK

It is well known that the use of native methods in Java defeats Java's
guarantees of safety and security, which is why the default policy of
Java applets, for example, cannot load non-local native code.
However, there is already a large amount of trusted native C/C++ code
that comprises a significant portion of the Java Development Kit
(JDK). We have carried out an empirical study on the security of the
native code in Sun's JDK 1.6. By applying static analysis tools and
manual inspection, we have identified in this security-critical code
previously undiscovered vulnerabilities. We propose a taxonomy of
vulnerabilities to classify patterns of errors, and discuss new
patterns that arise in the interaction between Java and the native

We also discuss remedies to address the threats posed by the native
code. We have implemented a system, SafeJNI, which can guarantee that
the failure of the native code does not corrupt the Java state.  We
have also proposed ILEA, which is a general framework for performing
inter-language analysis across Java and C. By partially compiling C
code into Java code, ILEA enables existing analyses on Java to also
understand the C code.
