A formal dynamic semantics of Java: an essential ingredient of Java security
DOI:
https://doi.org/10.26636/jtit.2002.4.143Keywords:
security, static analysis, certifying compilers, Java, dynamic semantics, operational semantics, small step semanticsAbstract
Security is becoming a major issue in our highly networked and computerized era. Malicious code detection is an essential step towards securing the execution of applications in a highly inter-connected context. In this paper, we present a formal definition of Java dynamic semantics. This semantics has been used as a basis to develop efficient, rigorous and provably correct static analysis tools and a certifying compiler aimed to detect and prevent the presence of malicious code in Java applications. We propose a small step operational semantics of a large subset for Java. The latter includes features that have not been completely addressed in the related work or addressed in another semantics style. We provide a fully-fledged semantic handling of exceptions, reachable statements, modifiers and class initialization.
Downloads
Downloads
Published
Issue
Section
License
Copyright (c) 2002 Journal of Telecommunications and Information Technology
This work is licensed under a Creative Commons Attribution 4.0 International License.
