SandBox & Trusted Computing

SandBox Module is a security measure in the Java development environment. The sandbox is a set of rules that are used when creating an applet that prevents certain functions when the applet is sent as part of a Web page. When a browser
requests a Web page with applets, the applets are sent automatically
and can be executed as soon as the page arrives in the browser. If the
applet is allowed unlimited access to memory and operating system
resources, it can do harm in the hands of someone with malicious
intent. The sandbox creates an environment in which there are strict
limitations on what system
resources the applet can request or access. Sandboxes are used when
executable code comes from unknown or untrusted sources and allow the
user to run untrusted code safely.


The Java sandbox relies on a three-tiered defense. If any one of these
three elements fails, the security model is completely compromised and
vulnerable to attack:




  • byte code verifier -- This is one way that Java automatically checks untrusted outside code before it is allowed to run. When a Java source program is compiled, it compiles down to platform-independent Java byte code, which is verified before it can run. This helps to establish a base set of security guarantees.

  • applet class loader -- All Java objects belong to classes,
    and the applet class loader determines when and how an applet can add
    classes to a running Java environment. The applet class loader ensures
    that important elements of the Java run-time environment are not replaced by code that an applet tries to install.

  • security manager -- The security manager
    is consulted by code in the Java library whenever a dangerous operation
    is about to be carried out. The security manager has the option to veto
    the operation by generating a security exception.



Please refer to: http://java.sun.com/j2se/1.4.2/docs/guide/security/spec/security-spec.doc1.html



Trusted Computing (TC) is a technology developed and promoted by the Trusted Computing Group. The term is taken from the field of trusted systems
and has a specialized meaning. With Trusted Computing the computer will
consistently behave in specific ways, and those behaviors will be
enforced by hardware and software. Enforcing this Trusted behavior is
achieved by loading the hardware with a unique ID and unique master key
and denying even the owner of a computer knowledge and control of their
own master key. Trusted Computing is extremely controversial as the
hardware is not merely secured for the owner; enforcing Trusted
behavior means it is secured against the owner as well.The Mobile Phone Work Group will work on the adoption of TCG concepts for mobile devices to enable different business models in market environment of open terminal platform. The work group will enhance TCG as needed to address specific features of mobile devices like their connectivity and limited capability as analyzed through various usage scenarios that may demonstrate added value of mobile devices in TCG.



Refer to: https://www.trustedcomputinggroup.org/groups/mobile

Posted on: Nov 17, 2008

Posted by: Yunpu Zhu

Category: Sun

Permanent link to this entry

Comments:

Post a Comment:
  • HTML Syntax: NOT allowed

This blog copyright 2009 by Yunpu Zhu