A java security model based on information flow control

• Main Authors: Chih-Yuh Chang, 張志聿
• Other Authors: Chin-Laung Lei
• Format: Others
• Language: en_US
• Published: 1996
• Online Access: http://ndltd.ncl.edu.tw/handle/69956866302920413400

碩士 === 國立臺灣大學 === 電機工程研究所 === 84 === The introduction of Java has accelerated the wide acceptance of World Wide Web and its associated applications and data. Since Java code can be transported across networks, security becomes extremely important. Due to the complexity of access control list that the current Java security model based on, maintaining the security of a Java environment becomes a very difficult task for system administrators, and a challenge for common network users. In this thesis, we propose a new Java security model based on information flow control to enhance the system security. Moreover, we also simplify the management of the security of Java environments and reduce the chance of falling into traps caused by careless operations. Our security model is based on the information flow control to make the Java distributed environment more secure, and to simplify the operations of system security to provide a user-friendly interface. For typical users, they would like to have a more secure manager to loosen up with the simplified administration. For Java developers, they could enjoy the system resources that they need to code without worrying to leak any information to unauthorized users. For system administrators, it makes their jobs easier that all users in the system can work in a more secure environment. Our proposed model is the first one to achieve all these features.