Object oriented verification kernels for secure Java applications

Author

Grandy, Holger ; Stenzel, Kurt ; Reif, Wolfgang

Author_Institution

Inst. fur Informatik, Augsburg Univ., Germany

fYear

2005

fDate

7-9 Sept. 2005

Firstpage

170

Lastpage

179

Abstract

This paper presents an approach to the verification of large Java programs. The focus lies on programs that implement a distributed communicating system e.g. in a M- or E-commerce scenario. When trying to verify such programs, thousands of Java classes with tens of thousands of lines of code would have to be taken into consideration. That is impossible. The paper introduces a technique that dramatically reduces the amount of source code that must be considered. Additionally, a suitable method for programming security critical systems is introduced. The reduction is achieved by extracting a verification kernel from the program, which is sufficient for proving the correctness of the relevant part. An algorithm for the automatic computation of the verification kernel has been developed and is presented in the paper. The correctness of the verification kernel approach is proved on the level of the Java language semantics.

Keywords

Java; object-oriented programming; operating system kernels; program verification; programming language semantics; security of data; E-commerce; Java applications; Java language semantics; M-commerce; distributed communicating system; object oriented verification kernels; security critical system programming; Application software; Communication system security; Computer errors; Computer security; Cryptographic protocols; Cryptography; Electronic commerce; Java; Kernel; Testing;

fLanguage

English

Publisher

ieee

Conference_Titel

Software Engineering and Formal Methods, 2005. SEFM 2005. Third IEEE International Conference on

Print_ISBN

0-7695-2435-4

Type

conf

DOI

10.1109/SEFM.2005.28

Filename

1575906