Java run-time security policies

Spring 2008

Student
Bradley Miller
Advisor
Lujo Bauer
Project description

This project seeks to create a web (http) proxy which will support the Polymer run-time security system for Java. Polymer works to monitor the run-time security of Java programs by modifying jar and class files to perform checks prior to executing security sensitive actions. Before any security sensitive action is attempted, Polymer will act according to a pre-specified policy to determine how handle the security related action. Outcomes range from allowing the action to proceed as normal to halting the program.

This project focuses on the creation of the web proxy and the modification of J2ME jar and class files. The web proxy will detect jar and class files which are passing through the proxy, modify the files to insert Polymer functionality, and then return the files to the user. The challenge will be twofold, as the proxy server must be sufficiently robust and stable, and must have the ability to identify and modify jar and class files.

Return to project list