A Secure Environment for Evaluating Java Applications

IP.com Disclosure Number: IPCOM000123402D
Original Publication Date: 1998-Oct-01
Included in the Prior Art Database: 2005-Apr-04
Document File: 2 page(s) / 110K

Publishing Venue

IBM

Related People

Wigglesworth, JP: AUTHOR

Abstract

A tool for providing a secure environment for evaluating and executing Java applications (not applets) is disclosed. The environment is configurable, allowing the user to give each application a different level of authorization to controlled actions such as reading and writing the workstation's local storage device. Authorizations are remembered for each application so that the user does not have to go through the action of granting authorization each time the application is run.

This text was extracted from an ASCII text file.
This is the abbreviated version, containing approximately 52% of the total text.

   Unlike Java applets, Java applications run in an
environment without any security restrictions.  This is normally the
desired situation since Java applications often need unrestricted
access to the user's workstation just as any other application would.
But there are times when this is not true.  For example, a person
evaluating unfamiliar or untrusted software (e.g. test team member,
customer, teacher) may not want to give the application unrestricted
access until it is certain that the software is well behaved.
Currently, there is no easy way for a Java application to be given
conditional access to system resources.

   This disclosure describes a "shield" type program that
allows a user to create and deploy a security policy for a specific
Java application.  The shield program presents the user with a window
in which he or she can specify:
  o  The name of the Java application being evaluated
  o  Any parameters the application may require
  o  The setting for each of the operation checks defined by the
     Java SecurityManager class.  The setting is one of:
       Yes       The application will be allowed to perform the
                 operation (default).
       No        The application will not be allowed to perform the
                 operation.
       Maybe     The application may be allowed to perform the
                 operation.  When this operation is attempted, an
                 informational window will be presented to the user
                 and the user can decide at that time whether or
                 not to allow the operation.

   When all the security settings have been selected for
the application, the user selects the "Start" button to begin
execution of the application.  The application is started within the
same Java Virtual Machine (JVM) as the shield by calling the main
method of the application.  This is exactly the same way that the
application would have been started if the shield were not present,
so the application is unaware of the secure environment it is
operating within.

   However, before the application under evaluation is
started, the shield creates an instance of its SecurityManager
subclass and installs it as the SecurityManager object for the
current JVM.  Since it is not possible to install another
SecurityManager object once one i...
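
The launch sequence described in the last two paragraphs, as an added Java example that is not code from the disclosure: every name other than the `SecurityManager` API is an assumption, a console prompt stands in for the informational window, and remembering authorizations per application is left out. It needs a JDK that still permits `System.setSecurityManager` (the default through Java 17, `-Djava.security.manager=allow` on 18 to 23, unavailable from JDK 24).

```java
import java.security.Permission;
import java.util.Arrays;
import java.util.EnumMap;
import java.util.Map;
import java.util.function.BiPredicate;

// Added illustration: Shield, Check and Setting are hypothetical names, not from the disclosure.
@SuppressWarnings("removal") // SecurityManager is deprecated for removal since Java 17
public class Shield extends SecurityManager {
    enum Setting { YES, NO, MAYBE }
    enum Check { READ, WRITE, EXEC, EXIT }
    private final Map<Check, Setting> policy = new EnumMap<>(Check.class);
    private final BiPredicate<Check, String> prompt; // stand-in for the informational window
    private final ThreadLocal<Boolean> prompting = ThreadLocal.withInitial(() -> false);

    Shield(Map<Check, Setting> settings, BiPredicate<Check, String> prompt) {
        policy.putAll(settings);
        this.prompt = prompt;
    }

    private void decide(Check check, String target) {
        if (prompting.get()) return; // checks raised while the prompt runs are let through
        Setting setting = policy.getOrDefault(check, Setting.YES); // "Yes" is the default
        if (setting == Setting.MAYBE) {
            prompting.set(true);
            try { setting = prompt.test(check, target) ? Setting.YES : Setting.NO; }
            finally { prompting.set(false); }
        }
        if (setting == Setting.NO) throw new SecurityException(check + " refused: " + target);
    }

    @Override public void checkRead(String file)  { decide(Check.READ, file); }
    @Override public void checkWrite(String file) { decide(Check.WRITE, file); }
    @Override public void checkExec(String cmd)   { decide(Check.EXEC, cmd); }
    @Override public void checkExit(int status)   { decide(Check.EXIT, "status " + status); }
    @Override public void checkPermission(Permission perm) { // all other checks end up here
        if ("setSecurityManager".equals(perm.getName())) // the application may not replace the shield
            throw new SecurityException("shield already installed");
    }

    public static void main(String[] args) throws Exception { // java Shield <main-class> [args...]
        Map<Check, Setting> settings = Map.of( // constructed sample policy
                Check.WRITE, Setting.NO, Check.EXEC, Setting.NO, Check.EXIT, Setting.MAYBE);
        java.io.Console console = System.console(); // obtained before the manager is installed
        System.setSecurityManager(new Shield(settings, (check, target) -> console != null
                && "y".equalsIgnoreCase(console.readLine("Allow %s (%s)? [y/N] ", check, target))));
        Class.forName(args[0]).getMethod("main", String[].class) // ordinary call to main()
             .invoke(null, (Object) Arrays.copyOfRange(args, 1, args.length));
    }
}
```

Because the shield and the application share one JVM, every check not mapped to a setting passes through `checkPermission`; the example refuses only `setSecurityManager` there, so the code under evaluation cannot swap out the installed policy. A `No` on `READ` would also apply to reads the JVM makes while loading the application's classes, which is why the constructed policy leaves reads at the default.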