dc.contributor.author: Chisnall, David (en)
dc.contributor.author: Davis, Brooks (en)
dc.contributor.author: Gudka, Khilan (en)
dc.contributor.author: Brazdil, David (en)
dc.contributor.author: Joannou, Alexandre (en)
dc.contributor.author: Woodruff, Jonathan (en)
dc.contributor.author: Markettos, Theo (en)
dc.contributor.author: Maste, J Edward (en)
dc.contributor.author: Norton, Robert (en)
dc.contributor.author: Son, Stacey (en)
dc.contributor.author: Roe, Michael (en)
dc.contributor.author: Moore, Simon (en)
dc.contributor.author: Neumann, Peter G (en)
dc.contributor.author: Laurie, Ben (en)
dc.contributor.author: Watson, Robert (en)
dc.date.accessioned: 2017-11-24T12:49:51Z
dc.date.available: 2017-11-24T12:49:51Z
dc.date.issued: 2017-06 (en)
dc.identifier.issn: 0163-5980
dc.identifier.uri: https://www.repository.cam.ac.uk/handle/1810/269668
dc.description.abstract: Java provides security and robustness by building a high-level security model atop the foundation of memory protection. Unfortunately, any native code linked into a Java program – including the million lines used to implement the standard library – is able to bypass both the memory protection and the higher-level policies. We present a hardware-assisted implementation of the Java native code interface, which extends the guarantees required for Java’s security model to native code. Our design supports safe direct access to buffers owned by the JVM, including hardware-enforced read-only access where appropriate. We also present Java language syntax to declaratively describe isolated compartments for native code. We show that it is possible to preserve the memory safety and isolation requirements of the Java security model in C code, allowing native code to run in the same process as Java code with the same impact on security as running equivalent Java code. Our approach has a negligible impact on performance, compared with the existing unsafe native code interface. We demonstrate a prototype implementation running on the CHERI microprocessor synthesized in FPGA.
dc.description.sponsorship: Defense Advanced Research Projects Agency; Google, Inc.; Isaac Newton Trust; Thales E-Security
dc.publisher: ACM
dc.title: CHERI JNI: Sinking the Java Security Model into the C (en)
dc.type: Conference Object
prism.endingPage: 583
prism.issueIdentifier: 2 (en)
prism.publicationDate: 2017 (en)
prism.publicationName: OPERATING SYSTEMS REVIEW (en)
prism.startingPage: 569
prism.volume: 51 (en)
dc.identifier.doi: 10.17863/CAM.10495
dcterms.dateAccepted: 2016-11-10 (en)
rioxxterms.versionofrecord: 10.1145/3037697.3037725 (en)
rioxxterms.version: AM (*)
rioxxterms.licenseref.uri: http://www.rioxx.net/licenses/all-rights-reserved (en)
rioxxterms.licenseref.startdate: 2017-06 (en)
dc.contributor.orcid: Moore, Simon [0000-0002-2806-495X]
dc.identifier.eissn: 1943-586X
rioxxterms.type: Conference Paper/Proceeding/Abstract (en)
pubs.funder-project-id: EPSRC (EP/K008528/1)
pubs.funder-project-id: EPSRC (EP/K503757/1)

