Homework 3: Java Security

Background and Motivation

One of the key features of Java is that one can run applets that are downloaded from the network. ``Executable'' or ``active content'' is the buzzword. In theory, one can download applications and run them on any computer, hence the Java slogan ``write once, run anywhere.''

Unfortunately downloading an applet from the network, which can run on your own computer, can cause serious security problems. Suppose the applet could delete all your files? Perhaps worse, suppose it read data from your files and sent it over the network to the author of the applet. Or it might crash your computer, or use all of your computer's CPU cycles.

What are the threats? How serious are they? What can be done about them? In this homework, you will prepare for a class discussion and debate on these questions.

This homework will also help you learn how to use research resources better. Especially on the internet, be sure to consider who is saying what, and what their qualifications are.

What to Read

Read chapter 3, especially sections 3.3-3.5, skim chapter 4, read sections 5.13 and 14.7, skim chapter 9 but pay attention to section 9.13, and skim appendix A of The Java Programming Language by Arnold and Gosling (Addison-Wesley, 1996).

Or read chapters 1 and 7 of Just Java by van der Linden (Prentice-Hall, 1997).

For reference, skim chapters 4-5, and read chapter 12 of The Java Language Specification by Gosling, Joy, and Steele (Addison-Wesley, 1996).

For more specific information on security topics, you will probably have to look elsewhere. Probably for this homework, the internet will be the best bet, but you may also want to consult magazines, journals, and books in the library. On the internet, a good starting place is JavaSoft's Frequently Asked Questions - Applet Security, where you can also find links to other information about Java security. You might also want to look at the web page of Princeton's Secure Internet Programming Group, the University of Washington's Kimera Group or Reliable Software Technology's Java Security Page.

An excellent book about Java Security is Java Security: Hostile Applets, Holes and Antidotes by Gary McGraw and Edward W. Felten (John Wiley and Sons, New York, 1996).

Directions

This homework, like the others in this seminar, will be open-ended and somewhat ill-defined. we'll try to give you some idea of the difficulty/effort involved in each part. Do what you feel you have time for, but please do something so that you can participate in the discussion.

The following problems are really questions to ponder while you read. You don't necessarily need to write anything down.

Problems

1. (easy) As you find new resources or good things to read, post a URL or description of where to find them to our newsgroup: isu.coms.java.
2. (moderate) What is security for a computer system? Can a computer system ever be made perfectly secure? What are the costs and tradeoffs involved?
3. (easy) What's the distinction between applets and applications? How does that relate to security?
4. (moderate) What kinds of attacks or security problems are there that relate to Java applets? Can you classify the level of severity of these problems?
5. (easy) What simple steps can a net surfer (a person using a browser) currently do to protect themselves from attacks or security problems related to Java?
6. (moderate) What is the Java security model? What pieces of the Java system have what responsibilities in enforcing security?
7. (harder) Compare the Java security model to that offered by browser plugins and other systems such as JavaScript and ActiveX. What are the tradeoffs?
8. (moderate) What kinds of attacks, or hostile applets have been made in the past? How did they work, and what has been done to avoid them, if anything?
9. (hard) What could or should be done to make Java more secure?