Please use this identifier to cite or link to this item:
Title: JNICodejail - Native code isolation for Java programs
Authors: Hassanshahi, B.
Yap, R.H.C. 
Keywords: Java
Software fault isolation
Issue Date: 2013
Citation: Hassanshahi, B.,Yap, R.H.C. (2013). JNICodejail - Native code isolation for Java programs. ACM International Conference Proceeding Series : 173-176. ScholarBank@NUS Repository.
Abstract: The Java Native Interface (JNI) allows Java programmers to inter-operate with code written in other languages like C and C++. One reason to use JNI is to get higher performance. Other reasons are to access low-level implementation features not available in pure Java and facilitate the reuse of existing code and libraries. However, the drawback is that native code can be used to compromise the security of the rest of Java. In this paper, we propose JNICodejail, which sandboxes the native code used in JNI. JNICodejail ensures that the native code is unable to affect the rest of Java (except what is allowed through JNI) and is confined only with the appropriate system privileges. However, native code is allowed to read memory outside its sandbox, thus, it is possible to share data which is read-only with the sandbox for improved efficiency. A recent alternative for sandboxing JNI native code is Arabica. We demonstrate that our JNICodejail prototype can have reasonable performance with respect to both normal un-sandboxed JNI execution and sandboxing with Arabica.
Source Title: ACM International Conference Proceeding Series
ISBN: 9781450321112
DOI: 10.1145/2500828.2500848
Appears in Collections:Staff Publications

Show full item record
Files in This Item:
There are no files associated with this item.

Page view(s)

checked on Oct 12, 2019

Google ScholarTM



Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.