[talks] LOCATION CHANGE Monday Nov 19: Gang Tan

[Andrew W. Appel]

Change of location (ROOM 402) for Gang Tan's talk this coming Monday 
noon.  Note that we will start promptly at noon, to leave time for a 
talk at 1:30 (in 301) by Stephanie Weirich of U. Penn, on "Engineering 
Formal Metatheory".

Location:  Computer Science room 402
Monday, Nov 19th.
Time:  12 noon.   LUNCH PROVIDED (for the first 20 people...)

Speaker:   Gang Tan, Boston College
Title: Security Analysis of the Native Code in the JDK

Abstract:
It is well known that the use of native methods in Java defeats Java's
guarantees of safety and security, which is why the default policy of
Java applets, for example, cannot load non-local native code.
However, there is already a large amount of trusted native C/C++ code
that comprises a significant portion of the Java Development Kit
(JDK). We have carried out an empirical study on the security of the
native code in Sun's JDK 1.6. By applying static analysis tools and
manual inspection, we have identified in this security-critical code
previously undiscovered vulnerabilities. We propose a taxonomy of
vulnerabilities to classify patterns of errors, and discuss new
patterns that arise in the interaction between Java and the native
code.

We also discuss remedies to address the threats posed by the native
code. We have implemented a system, SafeJNI, which can guarantee that
the failure of the native code does not corrupt the Java state.  We
have also proposed ILEA, which is a general framework for performing
inter-language analysis across Java and C. By partially compiling C
code into Java code, ILEA enables existing analyses on Java to also
understand the C code.