Please use this identifier to cite or link to this item:
|Title:||JNICodejail - Native code isolation for Java programs|
Software fault isolation
|Citation:||Hassanshahi, B.,Yap, R.H.C. (2013). JNICodejail - Native code isolation for Java programs. ACM International Conference Proceeding Series : 173-176. ScholarBank@NUS Repository. https://doi.org/10.1145/2500828.2500848|
|Abstract:||The Java Native Interface (JNI) allows Java programmers to inter-operate with code written in other languages like C and C++. One reason to use JNI is to get higher performance. Other reasons are to access low-level implementation features not available in pure Java and facilitate the reuse of existing code and libraries. However, the drawback is that native code can be used to compromise the security of the rest of Java. In this paper, we propose JNICodejail, which sandboxes the native code used in JNI. JNICodejail ensures that the native code is unable to affect the rest of Java (except what is allowed through JNI) and is confined only with the appropriate system privileges. However, native code is allowed to read memory outside its sandbox, thus, it is possible to share data which is read-only with the sandbox for improved efficiency. A recent alternative for sandboxing JNI native code is Arabica. We demonstrate that our JNICodejail prototype can have reasonable performance with respect to both normal un-sandboxed JNI execution and sandboxing with Arabica.|
|Source Title:||ACM International Conference Proceeding Series|
|Appears in Collections:||Staff Publications|
Show full item record
Files in This Item:
There are no files associated with this item.
checked on Nov 16, 2018
Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.