Abstract:
A method, computer program, signal transmission, apparatus and system verify instructions in a module of a computer program that is to be dynamically linked with at least one other module. First it is determined whether checking an instruction in a loaded first module requires the lowest upper bound (LUB) class of at least two referenced classes in one or more referenced modules different from the first module. If such information is required, a constraint for the referenced module is written without loading the referenced module. The constraint is of the form "the set of at least two classes inherits from a specified class."
Abstract:
A method, computer program, signal transmission and apparatus pre-verify instructions in a module of a computer program one module at a time. First it is determined whether checking an instruction in a loaded first module requires information in a referenced module different from the first module. If the information is required, a constraint for the referenced module is written without loading or otherwise accessing the referenced module. During linking it is determined whether a loaded first module has passed one-module-at-a-time pre-verification before linking. If the first module has passed such verification, any pre-verification constraint on a constrained module is read. If a pre-verification constraint is read, it is enforced if the constrained module is already loaded.
Abstract:
A method, computer program, signal transmission and apparatus verify instructions in a module of a computer program during linking, using pre-verification constraints with fully lazy loading. It is first determined whether a loaded first module has passed one-module-at-a-time verification before linking. If the first module has passed verification, any pre-verification constraint on a constrained module is read. If a pre-verification constraint is read, it is then determined whether the constrained module is loaded. If the constrained module is not already loaded, the pre-verification constraint is retained as a verification constraint.
Abstract:
A program interpreter for computer programs written in a bytecode language that uses a restricted set of data-type-specific bytecodes. Before executing any bytecode program, the interpreter runs a bytecode program verifier procedure that verifies the integrity of a specified program by identifying any bytecode instruction that would process data of the wrong type for that bytecode, and any bytecode instruction sequence in the program that would cause underflow or overflow of the operand stack. If the verifier finds any instructions that violate the predefined stack usage and data type usage restrictions, execution of the program by the interpreter is prevented. If the verifier's pre-processing of the program finds no faults, the interpreter executes the program without performing operand stack overflow and underflow checks and without performing data type checks on operands stored on the operand stack. As a result, program execution speed is greatly improved.
Abstract:
The invention relates to a method for checking Java byte code programmes for security characteristics. The technical aim of the invention is to provide a method that guarantees the best possible security when checking the security characteristics of byte code programmes. According to the invention, the behaviour of the byte code programme being checked is modelled as a finite state transition system (M), and the state space of the JVM is mapped onto a finite set of states in M. The state transition system (M) is then entered into a model checker and compared against a set of conditions (S) that have been entered into the model checker as the characteristics of a reliable byte code programme. The byte code programme being checked is released for further processing only if the state transition system (M) fulfils all of the conditions in the set (S). The invention therefore provides a means of guaranteeing the security of byte code programmes and, with additional enhancements, can guarantee a certain functionality. This increases the reliability of applications that run on security-critical platforms such as smart cards.
Abstract:
A method, computer program, signal transmission and apparatus for trusted verification of instructions in a module of a computer program first determine whether a suspect module to be loaded comes from an untrusted source, such as the internet. If it comes from an untrusted source, the suspect module is loaded and one-module-at-a-time pre-verification is performed on it before linking. If the suspect module passes such pre-verification, the module is stored in a trusted cache.
Abstract:
A method, computer program, signal transmission, apparatus and system for fully lazy verification of instructions in a module of a computer program first determine whether an instruction in a loaded first module requires information in a referenced module different from the first module. If such information is required, it is then determined whether the referenced module is already loaded. If the referenced module is not already loaded, a constraint is written for the referenced module without loading it. The constraint is then checked when the referenced class is loaded, if ever.
Abstract:
A class loader downloads objects and object viewers from remote computer nodes, and invokes locally stored object viewers to view objects. When a user selects an object to view, a conventional download of the referenced object is initiated. The class loader, however, uses data type information received at the beginning of the object download process to determine whether a viewer for the referenced object is available on the user's workstation. If an appropriate viewer is not locally available, the class loader automatically locates an appropriate viewer on the server from which the object is being downloaded, or on any other appropriate server known to the user's workstation. The class loader downloads the located viewer and then invokes a program verification procedure to verify the integrity of the downloaded viewer before the viewer is executed. Once a viewer has been verified, it is added to the user's local viewer library, the download of the referenced object is completed, and execution of the viewer to view the downloaded object is enabled. If an appropriate viewer cannot be located, or the only viewer located does not pass the verification procedure, the download of the referenced object is aborted.