共查询到17条相似文献,搜索用时 140 毫秒
1.
一种新的Java智能卡上字节码校验算法 总被引:1,自引:0,他引:1
Java智能卡上的字节码校验是保障Java卡安全的重要手段。但是,由于Java智能卡本身的空间和运算器的限制,传统的字节码校验算法无法在Java智能卡上实现。为了解决此问题,本文在分析了现有方法的特点和不足的基础上提出了一种基于有向分枝图和缓存策略的字节码校验算法。效率分析和实践表明,该算法是一种可以在Java智能卡上实现
现的高效算法。 相似文献
现的高效算法。 相似文献
2.
Java卡字节码校验是构成Java卡安全体系结构的重要组成部分.而传统的Java卡字节码校验由于Java智能卡资源的限制,无法在卡内进行.本文通过对控制流程图和类型推导的分析,提出了基于控制流程树的Java卡卡外翻译过程和卡内校验器算法,详细描述了CFT迁移机理并对于基于CFT的Java卡内字节码校验算法和可行性进行了分析与实践. 相似文献
3.
文章则从程序运行的安全角度出发,探讨了如何将Java字节码文件预先装入VFP表格文件中,然后通过自定义的Java类加载器来运行保存在VFP表格中的字节码文件的方法,并对之进行了深入的讨论。 相似文献
4.
Java的解释器是通过将Java类的字节码文件装入Java运行环境,然后接受字节码检验器的检验后再运行之.由于Java类文件中使用的字节码格式是有很好的文档基础,对于具有汇编程序设计经验并且拥有一个十六进制编辑器的人来说,要想人工为Java解释器产生一个包含有效而不安全指令的类文件,这是一件非常容易的事情.本文则从安全角度出发,探讨了如何将Java字节码文件预先存入指定的Web服务器中,然后通过自定义的Java类加载器来运行保存在指定的Web服务器中的字节码文件的方法,并对其可行性进行了深入的讨论. 相似文献
5.
分析了Java字节码保护技术的现状,在此基础上提出了一种基于JVMTI的Java字节码保护技术,使得Java字节码的安全级别相当于传统的二进制代码。最后,给出了该技术在Win-dows平台和Linux平台下的实现方案。 相似文献
6.
软件的最坏执行时间是实时系统的时间可信基础,Java语言的动态特性使程序的最坏执行时间分析较悲观和难以预测,本文提出了一种基于Java字节码的面向实时Java程序的最坏执行时间分析新方法,该方法引入一个注释类对源程序进行注释,然后将编译产生的Java类文件作为方法的分析对象,解决了实时Java程序中由于动态分配问题带来的预测不确定的问题,实验表明,该方法可以使对实时Java程序的最坏情况执行时间预测更加安全和精确. 相似文献
7.
Java语言提供了同步锁、可重入锁和读写锁等几种锁机制,在并行程序设计中不同的数据结构使用这几种锁机制时获得的性能通常是不同的。为了在不同的锁机制之间进行自动转换,进而帮助程序员了解程序的性能,提出了一种面向Java锁机制的字节码自动重构框架,并基于该框架实现了字节码重构工具Lock2Lock。Lock2Lock在Quad中间表示的基础上对字节码进行静态分析,并对分析的结果进行一致性验证,通过Javassist完成字节码的重构。使用红黑树、消费者生产者程序以及SPECjbb2005 3个测试程序对Lock2Lock重构工具进行了测试,结果表明,Lock2Lock可以成功地实现从同步锁到可重入锁或读写锁的重构。 相似文献
8.
Java语言的动态特性使程序的最坏执行时间分析较悲观和难以预测,提出一种精确最坏执行时间分析方法,在高层分析中,引入一种标记方法,对带有标记的Java类文件进行反编译提取控制流程,得到每一个基本块中的Java 字节码指令的最坏情况下的执行次数,在底层分析中,建立结合流水线和高级缓存影响的时间模型,得到每条指令所对应的执行时间,最后结合高层分析和底层分析的结果得到程序的最坏情况下的执行时间。实验表明,该方法可以使对实时Java 程序的最坏情况执行时间预测更加安全和精确。 相似文献
9.
Java语言至今已成为最受欢迎的编程语言之一,由于其平台无关性、执行的安全性以及垃圾收集等特性而得到广泛应用,受到众多的IT企业及开发者的支持。然而,与诸如C/C++这类语言比起来,Java语言的运行性能在很多情况下还有待提高,优化Java应用性能的课题就成为当前业界迫切需要解决的问题和研究的热点。本文从优化Java字节码的角度切入,介绍一款在其上进行优化和变换的框架,并展示相关应用的例子。 相似文献
10.
解释器广泛应用于Java虚拟机、JavaScript执行引擎等托管运行环境中.解释器通常使用间接转移指令实现字节码分派.在现代多发射多级流水的微处理器中,间接转移预测失效严重制约解释器的性能.针对解释器提出了一种字节码指针引导的间接转移预测技术,其核心思想是使用解释器特有的字节码指针值区分不同的间接转移场景.该技术使用软硬件协同的方式,解释器中插入专门的引导指令以标记字节码指针,预测器在运行时刻使用字节码指针值预测转移目标地址.实验结果表明,该技术与常用的转移目标缓冲预测器相比,能提升Java解释器的性能达34.7%,能提升JavaScript解释器的性能达8.3%,与专用的硬件间接转移预测器TTC(tagged target cache)相比,也能提升Java解释器的性能达21.9%. 相似文献
11.
12.
Xavier Leroy 《Software》2002,32(4):319-340
This article presents a novel approach to the problem of bytecode verification for Java Card applets. By relying on prior off‐card bytecode transformations, we simplify the bytecode verifier and reduce its memory requirements to the point where it can be embedded on a smart card, thus increasing significantly the security of post‐issuance downloading of applets on Java Cards. This article describes the on‐card verification algorithm and the off‐card code transformations, and evaluates experimentally their impact on applet code size. Copyright © 2002 John Wiley & Sons, Ltd. 相似文献
13.
14.
The accurate measurement of the execution time of Java bytecode is one factor that is important in order to estimate the total execution time of a Java application running on a Java Virtual Machine. In this paper we document the difficulties and solutions for the accurate timing of Java bytecode. We also identify trends across the execution times recorded for all imperative Java bytecodes. These trends would suggest that knowing the execution times of a small subset of the Java bytecode instructions would be sufficient to model the execution times of the remainder. We first review a statistical approach for achieving high precision timing results for Java bytecode using low precision timers and then present a more suitable technique using homogeneous bytecode sequences for recording such information. We finally compare instruction execution times acquired using this platform independent technique against execution times recorded using the read time stamp counter assembly instruction. In particular our results show the existence of a strong linear correlation between both techniques. 相似文献
15.
This paper describes a new method for code space optimization for interpreted languages called LZW‐CC . The method is based on a well‐known and widely used compression algorithm, LZW , which has been adapted to compress executable program code represented as bytecode. Frequently occurring sequences of bytecode instructions are replaced by shorter encodings for newly generated bytecode instructions. The interpreter for the compressed code is modified to recognize and execute those new instructions. When applied to systems where a copy of the interpreter is supplied with each user program, space is saved not only by compressing the program code but also by automatically removing the unused implementation code from the interpreter. The method's implementation within two compiler systems for the programming languages Haskell and Java is described and implementation issues of interest are presented, notably the recalculations of target jumps and the automated tailoring of the interpreter to program code. Applying LZW‐CC to nhc98 Haskell results in bytecode size reduction by up to 15.23% and executable size reduction by up to 11.9%. Java bytecode is reduced by up to 52%. The impact of compression on execution speed is also discussed; the typical speed penalty for Java programs is between 1.8 and 6.6%, while most compressed Haskell executables run faster than the original. Copyright © 2008 John Wiley & Sons, Ltd. 相似文献
16.
Java bytecode verification is traditionally performed by using dataflow analysis. We investigate an alternative based on reducing
bytecode verification to model checking. First, we analyze the complexity and scalability of this approach. We show experimentally
that, despite an exponential worst-case time complexity, model checking type-correct bytecode using an explicit-state on-the-fly
model checker is feasible in practice, and we give a theoretical account why this is the case. Second, we formalize our approach
using Isabelle/HOL and prove its correctness. In doing so we build on the formalization of the Java Virtual Machine and dataflow
analysis framework of Pusch and Nipkow and extend it to a more general framework for reasoning about model-checking-based
analysis. Overall, our work constitutes the first comprehensive investigation of the theory and practice of bytecode verification
by model checking.
This revised version was published online in August 2006 with corrections to the Cover Date. 相似文献
17.
The Java Virtual Machine executes bytecode programs that may have been sent from other, possibly untrusted, locations on the
network. Since the transmitted code may be written by a malicious party or corrupted during network transmission, the Java
Virtual Machine contains a bytecode verifier to check the code for type errors before it is run. As illustrated by reported
attacks on Java run-time systems, the verifier is essential for system security. However, no formal specification of the bytecode
verifier exists in the Java Virtual Machine Specification published by Sun. In this paper, we develop such a specification
in the form of a type system for a subset of the bytecode language. The subset includes classes, interfaces, constructors,
methods, exceptions, and bytecode subroutines. We also present a type checking algorithm and prototype bytecode verifier implementation,
and we conclude by discussing other applications of this work. For example, we show how to extend our formal system to check
other program properties, such as the correct use of object locks.
This revised version was published online in August 2006 with corrections to the Cover Date. 相似文献