| Summary: | 碩士 === 國立臺灣大學 === 電機工程研究所 === 84 === The introduction of Java has accelerated the wide acceptance of
World Wide Web and its associated applications and data. Since
Java code can be transported across networks, security becomes
extremely important. Due to the complexity of access control
list that the current Java security model based on, maintaining
the security of a Java environment becomes a very difficult
task for system administrators, and a challenge for common
network users. In this thesis, we propose a new Java security
model based on information flow control to enhance the system
security. Moreover, we also simplify the management of the
security of Java environments and reduce the chance of falling
into traps caused by careless operations. Our security model
is based on the information flow control to make the Java
distributed environment more secure, and to simplify the
operations of system security to provide a user-friendly
interface. For typical users, they would like to have a more
secure manager to loosen up with the simplified administration.
For Java developers, they could enjoy the system resources that
they need to code without worrying to leak any information to
unauthorized users. For system administrators, it makes their
jobs easier that all users in the system can work in a more
secure environment. Our proposed model is the first one to
achieve all these features.
|
|---|
